According to a recent Channel Insider/CompTIA survey, solution providers say there’s one problem bigger than the out-of-date antivirus. That’s poor password management. In 43 percent of security assessments, solution providers say they find poor password policies, enforcement and practices.
During a security panel Larry Walsh conducted at Breakaway, one of his panelists said that one medical practice he serves recognized the need for strong password policies and required each user to have a strong, mixed alphanumeric password for different applications and resources. The only problem was that this led to “sunflowers,” or users—including the practice’s owner—adorning their monitors with Post-it notes with scribbled passwords.
What I really liked about Larry's article about the survey was when he goes on to say:
Password management isn’t trivial. In fact, it’s hard because it’s both a technical and a human issue. As the solution providers on my CompTIA panel said, it’s up to solution providers to provide the guidance and tools to end users on how to improve their password management. Sometimes it’s just simple common sense - like never write down a password on a Post-it note and stick it to your monitor - or establishing policies and automated systems for forcing password rotation. Of course, password management is also a good excuse to talk about such things as single sign-on and multifactor authentication systems.
Isn't that so true? In AuthAnvil v3, we now include a powerful yet simple Self-Service Portal that makes strong authentication management quite trivial. Your users can take care of much of it themselves, from activating SoftTokens and resetting their PIN, right down to resyncing themselves and reporting lost or stolen tokens. And did I mention its FREE to all our customers?
Interested in learning more or seeing it in action? Let's Talk.
Comments