Password,Policy,Modern,corpora computer Password Policy


Gone are those times when the companies and the organisations didn't need a hi-tech system to handle them. Owing to the considerable increase in the business sector and thus, an enormous increase in the complexity of the organisational struc ----------------------------------------------------------Permission is granted for the below article to forward,reprint, distribute, use for ezine, newsletter, website,offer as free bonus or part of a product for sale as longas no changes a


Modern corporate life means due dilegence, adhering to legislation, and many other distractions from the core business of an organisation. Where computers are concerned, there is potential for abuse of corporate systems, infection of corporate systems with viruses, trojans and other malware, and damage to reputation through hacking and improper use of resources by employees. Every organization should have policies on use of computers. These should include:An acceptable use policy, which describes how the firm’s computers can be used An email policy, which defines how email can be used A password policy, where the use of passwords is definedThe last item may be unfamiliar to many, however, passwords can be the weak point in an organization's security. They are often abused, decreasing their strengths. It is worth educating users and defining the use of passwords with a formal policy. The users should read the policy, understand it, and adhere to it. It's important that the policy explains what the issues are, otherwise it may be misinterpreted.Rule 0: The password policy should be part of every employee's Terms and Conditions. So, what's wrong with passwords? Typically, passwords are badly chosen. As a result, they can be guessed easily and quickly. They are also more vulnerable to brute-force attacks, where every possible password combination is tried. Choosing a good password is a skill, but it's an easily learned one. The first thing is to not choose a very bad password. Firstly, Passwords should not be a simple dictionary word or name - hacker tools often include basic dictionaries, and these words will be tested first. People's names, automobile models, sports teams, and many other names are all used in passwords, and they are all candidates for hackers to break quickly. When a hacker is attempting to break a password, his tools will test all of his dictionary of words and names, and also use simple substitutions such as changing the letter "I" for a number 1, "O" for zero, and so on. They may also append a number to the end of the world. Rule 1: Never base a password on a single word. The next step in choosing a good password is to make it long. A password should be at least eight characters, and ideally 12 or more. The longer a password, the less chance of a hacker breaking it quickly. To connotate two words will create a longer word, but hacker tools will search for this, and it is better to misspell one or both of the words, so a straight dictionary approach will not work. If you do choose to use this approach, DO NOT use two words that someone will associate with you - choose them at random from a newspaper, for example.Using both upper and lower case will help too, if the application supports it, some do not. If it does, then use the upper and lower case at random, not just at the start of the password, again, this will help. The last tool I'm going to discuss for password security is adding numbers and punctuation marks to the password. Knock out the occasional letter and replace it with a number or a punctuation mark. Some punctuation marks may not be allowed in some applications, it's best to check, or to avoid greater than ">", less than "<", the quotation marks """, "'" and "`", and the semicolon and ampersand. I encourage you to try any unusual symbols on your keyboard, for example"¬".Rule 2: Use long passwords, including both upper and lower case, numerics and quotation marks. Now, there's a temptation to write down difficult passwords. If you do write them down, then disguise them. Hide them in a word search grid in your diary - the answer will jump out at you, but a thief will struggle to find the password. Never keep them in a desk drawer or on the monitor. A better idea is to use a utility called Password Safe, http://passwordsafe.sourceforge.net/. This keeps all your passwords safe, using very strong encryption. Rule 3: Never write passwords down in an easy to read form. Rule 4: Never leave passwords near the PC. There's another problem with passwords, they (and the accounts that they are associated with) are often shared between several users. This may be done only on certain occasions, for example when a key employee takes vacation or is sick, or may be due to only one account being shared within a team. When an account is shared, there is no audit trail. This creates an opportunity for fraud. Each person should have an account, and only use their own account. For employees sick or on holiday, they should not be asked for their password, but their password should be reset by the helpdesk, with the new password given to the appropriate manager. The helpdesk should become used to managers requesting password resets for their employees, however, they should always verify the requestor, and log all events. When the employee returns from vacation, they should get their password reset again. Rule 5: Never share accounts or give out passwords. Password resets should be usedThere is also a danger when sharing a password on more than one system. It makes the user's life easy if they only have to remember one password. Single-sign-on systems can be very useful in the corporate environment, but users should NOT use their work passwords for any systems they use at home. Many web sites are poorly written, and passwords may be available via techniques such as SQL injection, or simply from fraud by the operators. There are many ways in which a password can be learned. Once a password is known, a website operator might trace site activity back to your company, and might attempt to break in using the password.Rule 6: Never use a work password for leisureThe last point I wish to make is when employees leave the company. Every account that they have access to should have its password reset as soon as they leave the building. The manager can take control of the accounts if required, but the passwords should be reset as soon as possible. This is vitally important if shared accounts are in use.Rule 7: Reset accounts as soon as employees leave the firmThis concludes the article on email and passwords. I hope that it help you to clarify what the policy for your organization should be. Alistair McDonald is the author of SpamAssassin: A Pracitcal Guide to Configuration, Customization, and Integration. You can read more about Alistair's book here: http://www.packtpub.com/book/spamassassin

Password,Policy,Modern,corpora

computer

Equipment Rental Software – Features And Cost

Equipment rental management software is an essential thing these days for any equipment rental company.A well-developed equipment rental software provides you with a variety of features that can really help you maintain and organise your cus ...

computer

5 Big Reasons Why I Migrated From Angularjs To React

I have 5 main reasons for my angularjs to react migration. No, it's not a comparison on which is better. A comparison between apples and oranges would make no point. React is a library, and angular is a framework. Both can do stuff in their ...

computer

How to troubleshoot McAfee error 2318?

Security software means McAfee! For many computer users, McAfee antivirus is the only choice for security software as it provides all the features and tools which are necessary for device and data protection. This robust antivirus merely sho ...

computer

Manage Multiple Counter With AlignBooks Point of Sale

Fulfilling your businesss needs which can grow your firm is our aim. AlignBooks is better known for providing a strong pillar to newly started or midway businesss. Those companies who dont want to fall back with irregularity manage the inven ...

computer

How to Autoplay Embedded YouTube Videos

Source: How to Autoplay Embedded YouTube VideosEmbedding a video or audio enables the users to share their videos with any of their preferred sites or any social networking platforms. They can do so by copying the embedded link of the parti ...

computer

3 Major Mistakes to Avoid in Retail Business

Truth be told, nearly half of the retail businesses survive longer than four years and which can be something to ponder for a newbie before stepping into the industry. However, this being said, it is also true that you can excel in the indus ...

computer

Start Your Own Computer Repair Business

1. Know your street value. In the early 90's, running a PC repair business centered around selling parts and products, with service on the side. Today, it's about selling hours. If you run a business, you need to consider the X3 rule. That m ...

computer

How Establishments Show Up in Restaurant Searches

The revolutionary rise of technology has made things easy-peasy for consumers in the restaurant industry. Unlike the old days, the availability of innumerable platforms has made it possible for diners to choose from various searching options ...

computer

GuildWars 2 :

The last expansion pack for Guild Wars 2 was Path of Fire, which was released in 2017 and brings you a new enemy-Balthazar, the evil god of war. Although this doesn't sound like another expansion pack currently in production, some fans ma ...

computer

Customer Support at the time of COVID-19 Pandemic

COVID-19 is the worst crisis of our time as we observe social distancing protocols being imposed all around the world. While these measures are a step in effectively managing the COVID-19 pandemic, Hospitality and Retail businesses are confr ...

computer

How to Choose a Contract Management Solution (CLM)?

Contract life cycle management (CLM) systems can simplify and automate contract creation, negotiation, execution and storage. They are an intelligent alternative to the tedious hand tools formerly used for these tasks, which lacked visibili ...

computer

Contacting Google Live Person to Resolve Your Issues

Users are fond of all the Google supported products and look forward to the best services. Also, Google as a whole has never disappointed its users and helped them at every point with its commendable services. Also, being a customer-oriente ...

computer

how to uninstall discord

How to Uninstall Discord in Windows 10? has supported open source technologies, our tool is secure and safe to use. To uninstall a discord from your windows, you'll use this method which is given below.USING THIRD PARTY TOOLS1. Firstly, you ...