[Hidden-tech] security audit of network and website properties

Chris Hart email at chrishart.net
Tue Aug 26 10:10:08 EDT 2014

Previous message: [Hidden-tech] NERDSUMMIT 2014 Big announcements!
Next message: [Hidden-tech] security audit of network and website properties
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The number 1 suggestion I have for network and 'net security is to have good
password practices:
1) using long, random passwords, that are unique for every single
site/service/account
2) storing them in an encrypted password manager and nowhere else
(1Password, LastPass, DashLane, etc.)
3) change the passwords once in a while
- change critical passwords (like banking/financial) on a quarterly basis
- any time someone leaves your company, change the codes that you know they
had access to

If you don't have strong password practices as a starting point, all the
security in the world is worthless.  And I can't tell you how many
individuals and business I encounter who have lousy password habits and are
making themselves vulnerable.

And if others in the organization are responsible for establishing new /
changing passwords sometimes, you should audit their passwords, too.  I have
seen many instances of the boss at a company pushing through my password
practice recommendations to the staff, only to have the staff change the
passwords back to something "easy" shortly thereafter.  (Of course using
password managers should negate the need for 'easy' passwords, but some
people are stubborn and minimize the threats/risks in their head and talk
themselves out of the need for strong passwords.)

Chris Hart

    • Computer Support & Technology Consulting

        for Connecticut and Western Massachusetts

            Tel: 860-291-9393

                http://www.MyMacTech.com

 On 8/26/2014 7:48 AM, Rob Laporte wrote:

>  This leads me to a new but related topic and question: are there network and
> security experts on this list? If so, I think it would be good to hear from
> them, for all our sakes. A security audit of network and website properties
> should probably be higher on most of our todo lists than it is.
>  
>  Best Regards,
>  
>  Rob Laporte
>  President and CEO
>  DISC, Inc. - "Making Web Sites Make Money"
>  413-584-6500
>  Fax  413-553-0745
>  Rob at 2disc.com 
>  www.2disc.com <http://www.2disc.com>
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20140826/0694362a/attachment.html

Previous message: [Hidden-tech] NERDSUMMIT 2014 Big announcements!
Next message: [Hidden-tech] security audit of network and website properties
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Hidden-discuss mailing list