Never ever write your password on a Post It. You’d think everyone would have this down by now.
Yet many folks are still breaking this key tech security commandment and some other biggies … and putting sensitive financial information at risk in the process.
That’s the finding of a new survey commissioned by Siber Systems. It reads like a laundry list of what not to do with your company’s PCs. The trouble is that many people are doing them everyday at work.
And if those people work in your finance department you’re exposed to a whole host of potentially very expensive problems.
Check out these IT security “commandments” being broken so you can be on the lookout with your own staffers.
Thou shalt not use the same passwords over and over
More than half (59%) of people use and memorize five or fewer passwords, which might not be a problem, until you consider this:
- 74% say they log in to six or more sites daily, and
- 30% log in to more than ten secure sites.
That means there’s plenty of repeating going on. Yes, it can be a nuisance to remember so many different passwords, but make sure staffers realize they should have a unique password for each site.
Thou shalt not let your browser help you out
With so many passwords to keep straight, it’s certainly easier to take your computer up on its offer to remember them for you. But that’s an invitation to trouble since browsers can be scraped by malware.
And nearly three-quarters of folks say they’re putting that invitation out there.
Make it a Finance-wide policy not to let browsers store passwords. The extra 3 seconds to type it in is well worth the peace of mind.
Thou shall always log out of secure sites
Your A/P staffer is finished on your bank’s website. Are you sure he or she is logging out of it?
Odds are against it. More than three-quarters of employees admit that they don’t always log out of a secure website when they’re done using it.
Remind your staffers it’s not just enough to x out either. You often have to go to the sign out feature in the top corner of the screen to make sure someone else can’t just jump back into your accounts.
Though shalt not write down your passwords
This is the one everyone knows. What’s the point of having a password if it’s on paper for anyone to see? And yet it’s still not enough to make some people change their behavior.
Close to half (42%) of folks say they keep a written cheat sheet of website passwords. Another group puts them on their phones to keep them all in one place. Neither should be routes your finance staffers take.
You might think this isn’t even something you should have to tell your team. But with this new evidence to the contrary, now seems like the perfect time for a reminder.