What's in a password? Well if you are like a great number of people, the answer to that question is, "the same thing in all my other passwords." In fact, the recent breach of Stratfor, a global intelligence firm, has put the company in hot water due to suspected cause of the breach as poor password policy - including, but not limited to the reuse of internal passwords.
Even as a farm of computers at Utah Valley University works at hacking through the publicly provided list of user names and "hashed" passwords the true solution to resolving this particular flavor of password problems is education. Essentially, as InfoWorld points out in their article, employees need to be instructed on the right procedures, processes, and policies to help prevent this issue in the future, and at other organizations. Without this, we'll keep reading about these issues, and keep pontificating about how safe is any data in the modern web age.
Ultimately though, education can only go so far, and the eradication of incidents like this one move further and further away from reality. The last line of defense, and in many cases the first, is making sure you have clearly thought through your own Change Management processes and Password Policies. Above and beyond setting and communicating standards, you need to conduct audits at regular intervals. It's also important to remember that risk assessment is ongoing exercise, making sure to contemplate scenarios where someone has been granted with keys to the castle.
While assessment is essential, don't discount the power of discussion. Start asking questions today. You may surprised what conversation come from problem statements like, "What are our current change management practices," and "What changes require approval?" Plus, if you don't currently have a Change Management solution - start looking for one now. In the wake of increased security attacks you'll find the functionality is invaluable.
Still not convinced? Then you should download our latest Change Management Getting Started Guide.The guide will walk you through 25 requirements your Change Management solution should have. Whether you are just doing some research for an upcoming project, or you have one ready to get underway, this guide is a must have.