SMEs: when it comes to password management, prevention is better than cure

We’ve already alerted you to the need for IT security measures for SMEs, logically including a reference to the use of passwords.
Today, we need to reinforce our communication on the importance of rigorous and careful control of all access controls to private and/or professional data on the Internet, and in particular on the cloud.

Dropbox, victim of hackers

Millions of users naturally place their trust in Dropbox, the cloud-based data storage tool, and the number of loyal users continues to grow every year, each relying on the reliability of its data storage and security standards.
However, it was in 2012 that the firm suffered a fine demonstration by hackers (information widely revealed in 2016), as more than 68 million identifiers were leaked onto the web: e-mail addresses and passwords were thus hacked.
Fortunately for users, Dropbox was already using encryption systems that prevented a clear reading of the data, since it was “hashed” and therefore remained partially protected.
But the American company had to react and intervene to limit the damage.

Fear doesn’t avoid danger, but it keeps it at bay

The fear of having protected information usurped remains very real, and should lead users to take serious action.
As Dropbox did with its users after suffering this virulent attack, everyone should establish rules of practice when setting up their passwords.
Admittedly, this implies constraints (in terms of time and organization), but changing passwords regularly is the only way to prevent data piracy.

One-time password, a mistake you should never make again

With the rise of cloud-based data storage, hackers are going to great lengths to achieve their ends, as we discussed in our article on cloud vulnerabilities, with particular reference to Amazon and Apple.
So it’s up to cloud users to avoid making rookie mistakes (even if they are just starting out), which make it much easier for hackers to carry out their malicious missions.
Let’s make it harder for them, and apply some basic but effective measures.

A single password is often chosen for the sake of simplicity.
You only need to memorize one access key, which you usually save, so you don’t have to enter it every time you want to access your stored and protected data.

It’s the biggest mistake we can make, and we need to be aware that our habits aren’t always the best.
Of course, they can be corrected, and better still, they should be.

Password protection and management software

To combat data theft and strengthen the security of our various user accounts, on every possible platform (e-commerce sites, cloud, banks, messaging systems or social networks), we can now rely on so-called password management software.
Among the most popular and widely used are Keepass and Dashlane, although they are by no means the only ones on the market.

Their operation is simple and makes your work easier: you only need to remember one password, and the manager takes care of encrypting all the others.
What’s more, this type of software can be used to randomly define more or less complex identifiers and access keys, depending on the degree of protection you require against piracy.
If you’re not yet a fan of enhanced protection, perhaps you should start now…

To download Keepass, click HERE.
To download Dashlane, click HERE.