Insurance and Security

Four best practices for small business authentication

One of the simplest ways for companies to help protect their data is to establish authentication guidelines and offer employee training programs about how to safeguard information. Follow these four tips to help ensure the security of devices and networks.

1. Require regular password updates

Most experts recommend regular password updates every 60-90 days. Work with your IT department or technology expert to require employees to change their passwords to help secure company data.

This practice can help minimize some of the risk in the event of a security breach, making it more difficult for an online criminal to:

  • Crack passwords

  • Create bogus employee accounts

  • Install a program that bypasses security safeguards

Also, employees should immediately change their passwords if their email accounts are hacked or if they click on a link in a suspicious email.

2. Set complex password rules

To reduce the risk of compromised passwords, set complex rules requiring company passwords to be:

  • Encrypted

  • A mix of lower and uppercase letters, symbols, and numbers

  • Different than employees’ other online accounts

  • Something that doesn’t include any part of an employee’s email address

3. Add additional security

Activate a two-step authentication option when available. Two-step authentication is a method of identity verification using two different components, such as a password and security token or one-time code sent to a user’s phone. Because this method combines something you have (a token or code) with something you know (a password), it’s more effective in securing account access.

4. Train your employees

One of the best ways to help prevent a security breach is to train your staff on how to recognize and report threats. Many companies require new hires to complete courses about security policies and procedures and also mandate refresher training by all employees annually.

Through a combination of password rules and requirements, enhanced security, and education, you and your employees can help protect and maintain one of your company’s most valuable assets - information.