StorCentric Celebrates World Password Day

In 2021, data security remains the most important part of any organization’s IT infrastructure. On May 6th, World Password Day allows us to reconcile with the current state of our security infrastructure and make modifications or implement new solutions to prevent potential threats in the coming year. For World Password Day, StorCentric wants to give you a few tips on protecting your database by creating a strong password and some recommendations on keeping your data secured from ransomware.

Password Do’s and Don’ts

The first line of defense of protecting your data is having a strong password.

“World Password Day reminds us of just how critical it is to take every precaution to protect ourselves and our data. And certainly, a unique password is a great place to start,” explained JG Heithcock, GM of Retrospect, a StorCentric Company.

According to a study from Verizon, password dumper malware is the most prominent type of malware, which caused 40% of malware-related breaches in 2020. Having a strong password could save your organization a lot of money in the long run, and it’s an additional layer of protection to your database.

Here’s some common mistakes when people make when setting up a password:

Password Don’ts:

• Using passwords that contain your name

• Creating Simple Passwords

• Password recycling; using the same password for all your devices or wesbites

• Sharing Passwords

• Storing your password on the computer

You’d be surprised how careless people are with sensitive information or their login credentials to the organization’s network. What is more alarming is that people know that their passwords are weak and still use them. Sometimes employee’s carelessness is the leading risk factor for security breaches in an organization. That is why it is essential to have a strict organizational privacy policy and ensure the IT managers enforce the policies. Here are some tips on creating a strong password:

Password Do’s:

• Use long-phrase passwords; it takes more computing algorithms and resources to hack the password.
• Use random passwords, or you can use a password generator.
• Try to include numbers, symbols, and both uppercase and lowercase letters.
• Use different passwords for different accounts or devices
• Using Two-Factor Authentication along with the passwords

Securing Your Database’s Infrastructure

Now that you have set up a strong password to prevent intrusions to your database, let’s get to the more technical security aspects. If hackers get through your database by phishing for your password, they’ll take the next course of action by planting malicious ransomware through your IT infrastructure. Here are some critical steps to take to prevent hackers from entering your database.

1. Make sure you have a firewall that is resilient and capable of frequent firmware updates.
2. Backup your data to a secure location, whether it is on-premises or on the cloud. Our Assureon Secure Data vault gives you the flexibility of an on-premise, cloud, or hybrid data storage solution. As malware is now also targeting backups, Unity with Assureon® delivers an immutable Unbreakable Backup solution so you never have to worry about your ability to recover from ransomware attacks.
3. Routinely check your Security Infrastructure for potential breaching points. Know your system’s vulnerabilities.
4. Do not cut any corners when it comes to your infrastructure’s security. Carefully allocating money for business growth is essential but do not cut back funding for system security, or your organization will be paying a hefty price when there is a breach.
5. Finally, have a plan and process in case there is a data breach.

With these tips and recommendations, we feel confident that your database will be more secured. We will leave you with one final note so you can keep in mind when planning to keep your data secured for this year.

“The solution must be capable of recognizing and rejecting every such attempt, regardless of whether it’s from a virus, ransomware, spyware, user mistakes, software error — or a new threat that hasn’t even been discovered yet”.

- Mihir Shah, CEO of Nexsan, a StorCentric Company

Sources:

1. https://www.pandasecurity.com/en/mediacenter/tips/password-statistics/
2. https://passwordsgenerator.net/
3. https://www.investopedia.com/terms/t/twofactor-authentication-2fa.asp#:~:text=Key%20Takeaways-,Two%2Dfactor%20authentication%20(2FA)%20is%20a%20security%20system%20that,fingerprint%2C%20face%2C%20or%20retina.