中文网站
  Advanced Search
Read the latest Blogs from IT professionals in the field. Read and write community created documents. Need IT help? Ask our staff. Connect with your peers. Check our Tech Shop for posters, books and software tools. Home
HomeInformation, Computer and Network SecurityPolicies and OperationsProtecting PERSONAL INFORMATION - A Guide for Business 3. Lock it - Protect the information that you keep

Protect the information that you keep - Password Management

  • Control access to sensitive information by requiring that employees use "strong" passwords. Tech security experts say the longer the password,the better. Because simple passwords—like common dictionary words—can be guessed easily, insist that employees choose passwords with a mix of letters, numbers, and characters. Require an employee's user name and password to be different, and require frequent changes in passwords.
  • Explain to employees why it's against company policy to share their passwords or post them near their workstations.
  • Use password-activated screen savers to lock employee computers after a period of inactivity.
  • Lock out users who don't enter the correct password within a designated number of log-on attempts.
  • Warn employees about possible calls from identity thieves attempting to deceive them into giving out their passwords by impersonating members of your IT staff. Let employees know that calls like this are always fraudulent, and that no one should be asking them to reveal their passwords.
  • When installing new software, immediately change vendor-supplied default passwords to a more secure strong password.
  • Caution employees against transmitting sensitive personally identifying data—Social Security numbers, passwords, account information—via email. Unencrypted email is not a secure way to transmit any information.
‹ Protect the information that you keep - Electronic SecurityupProtect the information that you keep - Laptop Security and Firewalls ›