Do you feel secure? Recently the news has been filled with reports of big retailers having major data breaches, operating systems having terrible vulnerabilities, and even legitimate businesses harvesting personal and private information from your account.
Even tiny web sites like this are constantly bombarded with attempts to gain administrative rights. Not a day goes by that I’m not notified by the system that someone from China or Eastern Europe has been trying to crack into the site. Some days are worse than others – I can see from five or six attempts to over a hundred targeted, deliberate attempts to hack the site.
I do what I can to keep it clean and safe, and the reality is that there’s nothing much anyone would gain by hacking my little web sites except some sort of perverse bragging rights. I have no illusions that a truly dedicated, knowledgeable attempt would succeed – if big corporations with all their resources are victims, my sites have no chance if the serious hackers turn their attention my way.
But it serves to show that we need to be aware and cognizant of security all the time. Recent articles have mentioned that the most common passwords are still things like ‘123456’ or ‘qwerty’ or equally simple codes. Having to think of complicated passwords (letters, numbers, characters) and then change them frequently (every 30 days or so) can make it a major pain to keep up with your latest password. Given the alternatives, though, it’s worth a little inconvenience, especially where your financials, health, or other personal information is concerned.
As IT professionals, we should be setting the good example. Have your team market the importance of protecting proprietary information, the importance of strong passwords, and the necessity to change them regularly. In my career I’ve seen customers keep a running, written log of their passwords, tacked to the side of their cubicle for anyone to see. I’ve also seen it scribbled onto the front of the computer itself, or on a post-it note stuck to the side of the monitor.
That type of behavior can no longer be tolerated in the modern business world. Since support professionals are in the front lines, they have a unique perspective on how seriously the business takes the concepts of security. They are also in a great position to be able to stress the importance protecting the companies information assets.