Information about your personal life, buying practices, credit quality and lifestyle is valuable to those who can profit from it. For the corporation, information has even greater worth. It is not the "bricks and mortar" but the intangibles such as intellectual property, client lists, market strategies, pricing and compensation that account for over half the value of the modern enterprise.
All of this personal and business data most likely resides in a database somewhere and is available with a password. In fact, passwords are the most common means of entry into any system. They are also acknowledged as the most vulnerable points for security.
"Weak" or compromised passwords are the easiest way for hackers to gain entry into a system.
Simple or short passwords can be easily found out through "brute force" or "dictionary" attacks, which concentrate intense computer power to crack a password. A two-letter password, for example, has only 676 combinations. A password with eight letters gives more safety with 208,000,000 combinations.
Ideally, a password should consist of 8 or more characters. It should also contain a mixture of upper and lower case letters, symbols and numbers. "A$d3B5i9X" would be an example. Microsoft security has encouraged the concept of the "Pass Phrase" as an alternative. A phrase such as "TheLastGoodBookUBoughtCost$25!" offers all of the needed elements and is also easy to remember.
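As an added illustration (not part of the original article), the Python sketch below estimates the exhaustive-search space for a password from its length and character classes and applies the length and character-mix advice above. The function names are hypothetical and the `COMMON` list is a constructed sample.

```python
import math
import string

# Character classes an exhaustive ("brute force") search has to cover.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

# Constructed sample; a real dictionary check uses a large breached-password list.
COMMON = {"password", "123456", "qwerty", "letmein", "welcome"}

def alphabet_size(password):
    """Size of the smallest alphabet covering every character class in use."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def keyspace(password):
    """Candidates an exhaustive search of that alphabet tries at this length."""
    return alphabet_size(password) ** len(password)

def assess(password, min_length=8):
    """Return (ok, bits, problems) for the length and character-mix advice."""
    problems = []
    if len(password) < min_length:
        problems.append("shorter than %d characters" % min_length)
    missing = [name for name, chars in CLASSES.items()
               if not any(c in chars for c in password)]
    if missing:
        problems.append("missing: " + ", ".join(missing))
    if password.lower() in COMMON:
        problems.append("found in dictionary")
    size = alphabet_size(password)
    # Upper bound: assumes every character was picked at random. Phrases
    # built from real words are more predictable than this figure suggests.
    bits = round(len(password) * math.log2(size), 1) if size else 0.0
    return (not problems, bits, problems)

if __name__ == "__main__":
    for pw in ("ab", "password", "A$d3B5i9X", "TheLastGoodBookUBoughtCost$25!"):
        print(pw, keyspace(pw), assess(pw))
```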
The human factor, or social engineering, contributes to password compromises. It is estimated that employees share their password eight times a year. Passwords can also be cajoled from untrained or naïve workers. The standard rule is: NEVER talk about a password.
Remember the cliché of the "Six Degrees of Separation." You cannot know who will eventually end up with your password and own it.
To cope with these issues, many leading-edge firms are adopting a defense-in-depth strategy utilizing three components to better safeguard their information.
The three layers of authentication are:
What you know...
A strong password or pass phrase
What you have...
A Crypto-key, smart card or token
Who you are...
A biometric aspect such as fingerprint, hand, or retinal recognition
Usage of these three defensive measures will increase dramatically in the future as people seek to thwart ever increasing threats to their private and personal information.
Many companies will be mandating them as a significant part of their security best practices to safeguard an extremely valuable asset: their treasured data.