wpostServer: http://css.washingtonpost.com/wpost

The Post Most: Business

World Markets from      

 

Other Market Data from      

 

Key Rates from      

 
On Small Business
On Twitter Follow |  On Facebook Fan |  RSS RSS Feed
Posted at 08:00 AM ET, 07/11/2012

An online password guide for small business owners

Running a business in the Internet age, you’re bound to face security challenges that simply didn’t exist in the past.


Business owners don’t just have their personal finances riding on their password protection. So how do they maintain security - and sanity? (Gillian Blease - GETTY IMAGES/IKON IMAGES)
In the good old days, at most, you needed an alarm system on your building, a lock for the file cabinet, and maybe an armored car service if you dealt with significant quantities of cash. Now you need all that plus a network firewall, a secure server, and an encrypted database for sensitive records.

Often, you have to share things like credit cards, web logins, identification documents and more with employees, and these items are fraud risks if they fall into the wrong hands.

If you have an online presence (and you probably should), then your small business is a potential target for hackers.

Password security can easily be the most vulnerable aspect of your business. A crook with your online banking password can rob you blind and ruin your credit in a matter of minutes.

But the biggest problem with passwords is that there are far too many of them. Think about the things in your life that are now password protected: Work-related files, mobile phones, home computers, tablets, bank cards and online banking sites, social networks – the list goes on.

Hackers are increasingly (and sadly, often successfully) pursuing websites, services and businesses with less robust security – consider the Sony, Sega, and Gawker/Gizmodo hackings a few months ago. Hackers specifically target the usernames and passwords obtained on “higher value” sites and services, such as Yahoo and Gmail accounts, Facebook, PayPal, and even online banks and other financial services websites.

So how can you keep track of your ever-growing list of usernames and passwords while staying safe and secure at the same time? Here are some basic steps:

• Don’t use the same username/password combination over and over. Use a different one for each new service you sign up for, especially if it is a site for email, online banking, retirement accounts, insurance or health care.

• Use strong passwords. Strong passwords include eight characters or more, not just letters and numbers, not a single word in the dictionary, not a birthday, not your anniversary, and not a person’s name.

• Be creative. An easy way to create a strong password is to think of it as a “passphrase” instead. Put a couple of short words together with spaces or dashes in between (”car-park-city” or “dog likes toys”). A passphrase like this is much easier to remember than a secure password like “K8h&j#s!M” and provides roughly the same level of security.

• Be especially careful about protecting access to your email address. Why so important? Because you reset passwords using your email. You just click the “Forgot My Password” link on the login screen of a website and you get an email allowing you to create a new one, right?

A thief can do that as easily as you can. He creates a new password to your account, and boom: he has access to your account and you don’t anymore. Then he might delete the confirmation email and you wouldn’t even know your identity has been hijacked until it’s too late.

• How can you remember all of those different passwords? Try a password manager, which creates a digital safe for you on your computer or phone. You just remember one single master password, and then you can access all of your other passwords organized by type and category.

The password manager can then log you into websites so you don’t have to type usernames and passwords over and over again. Of course, look for well-reviewed password programs from companies that have a long history of reliability.

By following some of these simple rules, you’ll can discourage hackers from taking aim at your business, because your passwords will be strong enough to make cracking them not worthwhile.

Justin Cepelak is vice president of product management for SplashData, which offers business and consumer productivity applications for smartphones.

Related: Thre e things you need to know about cybersecurity insurace

Do you have other tips or advice for protecting your passwords? What other cybersecurity issues have you found most critical as a business owner? Please share with us in the comments.

By  |  08:00 AM ET, 07/11/2012

Tags:  small business

 
Read what others are saying
     

    © 2011 The Washington Post Company