Disclaimer: After you read this, you may wish to change your passwords.
How easy do you think it is to shut down a 5000-mile gas pipeline? According to Bloomberg, all it took was just one single compromised employee password. Hackers took down the U.S’ largest gas pipeline and this led to shortages of gas across the east coast.
What does this example have to do with your business? This example just shows you that no matter the size of your business, we are all vulnerable to cyberattacks.
Due to the coronavirus pandemic, more people are spending more time online. Especially with the increase in remote working, people are accessing their work server by a remote virtual private network. To be a fully, agile and remote business, you need to have the right processes and procedures to be secure.
As a business owner, cybersecurity can be explained in a way that is complicated. It is often something that is associated with ‘The I.T team’, but it all starts and ends with you and your team. Just having good password procedures is the ultimate risk management procedure for any business.
As a cybersecurity company, the biggest breach of security we see for SME’s stems from weak passwords. Just one of your employees innocently submitting their details and password on a website could open the floodgates to a potential breach.
How long does it take to crack a password?
|Number of characters||Numbers only||Lowercase letters||Uppercase and Lowercase Letters||Numbers, Upper and Lower case letters||Numbers, Upper and Lower case Letters and Symbols|
|6||Instantly||Instantly||Instantly||1 second||5 seconds|
|7||Instantly||Instantly||25 seconds||1 minute||6 minutes|
|8||Instantly||5 seconds||22 minutes||1 hour||8 hours|
|9||Instantly||2 minutes||19 hours||3 days||3 weeks|
|10||Instantly||58 minutes||1 month||7 months||5 years|
|11||2 seconds||1 day||5 years||41 years||400 years|
|12||25 seconds||3 weeks||300 years||2,000 years||34,000 years|
Your employee’s click on a malicious web link or email could lead to a breach because might have reused their password on several online accounts and devices. A Google Harris Poll (2019) found that 52% of respondents admitted to reusing the same password for multiple accounts. The reasons for this are usually because people are aware of the risks but want something that is easy to remember.
Although it might be comforting to have an easy password to remember, the cybercriminals can also hack easy passwords. Just imagine what information they would have on you. By having your password, they will be able to empty your bank account, hack your social media, hack your emails and ruin your life.
Cybercriminals can either attack your account straight away or they can lurk like a trojan horse and learn how to take your organisation down. These attacks can stem from just slowing down your system, ransomware and even sending malicious and nasty emails to your clients.
As a leader, this goes beyond you. What about your client’s personal information? Your client’s information being compromised could cause you legal, financial risk and breaking GDPR rules.
However, the biggest effect is that your reputation will be damaged. As Warren Buffet says: “It takes 20 years to build a reputation and 5 minutes to ruin it.’
Having a great password mitigates against unauthorised access to your online accounts and devices.
Look at the checklist below and just take 10 minutes to check that your password procedures are safe and secure.
How to protect your business checklist
To protect your accounts, we recommend that you:
- Use a unique and separate password for your email.
- Use three random words to create a strong and memorable password.
- Use between 9-12 characters, with a mixture of symbols and numbers
- Store your passwords somewhere safe: use a password manager.
- Add extra security to important online accounts: turn on two-factor authentication. • Update all your electronic devices