EXTEND AND AUGMENT YOUR EMPLOYEE SECURITY AWARENESS PROGRAM AND REMOVE RISK, COST AND STRESS FROM EMPLOYEE PASSWORD MANAGEMENT Password Coach replaces DIY employee password management with a simple drill that guides all employees in the creation and protection of policy compliant strong passwords
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
EXTEND AND AUGMENT YOUR EMPLOYEE SECURITY AWARENESS PROGRAM AND REMOVE
RISK, COST AND STRESS FROM EMPLOYEE PASSWORD MANAGEMENT
Password Coach replaces DIY employee password management with a simple drill
that guides all employees in the creation and protection of policy compliant
strong passwords
At home, our passwords are our own choosing and so familiar to us, but we
can only remember a handful So we reuse them for years
THE PASSWORD PROBLEM OUR SHARED COGNITIVE LIMITATIONS ENCOURAGE RISKY BEHAVIOURS
DIY PASSWORD MANAGEMENT CAUSES SECURITY RISKS AT HOME AND AT WORK
At work, our passwords are shaped by security policy, and so are unfamiliar
and unmemorable So we make a note of them
REUSING OLD PASSWORDS FOREVER HAS ALWAYS
BEEN RISKY BUT NOW THAT THERE IS A ‘GOOGLE FOR
PASSWORDS’ IT ONLY TAKES A MOMENT TO FIND ANYONE’S OLD PASSWORD
NOW THAT BILLIONS OF OUR PASSWORDS ARE IN A SEARCH ENGINE, REUSE IS MORE RISKY THAN EVER
leakedsource.com
• It is estimated that password management and related support costs due to forgotten passwords cost businesses upwards of $420 (USD) per FTE per annum
• The average cost of a cyber attack for an Australian business is over $622,515
RISKY AND EXPENSIVE HOW DO WE MANAGE TO BE SO AWESOME?
LEAVING STAFF TO THEIR OWN DEVICES CONTINUES TO BE EXPENSIVE
DIY EMPLOYEE PASSWORD MANAGEMENT IS BOTH RISKY AND EXPENSIVE
ONLY 8% OF INDIVIDUALS USE A
SOFTWARE-BASED PASSWORD MANAGER
SOFTWARE ISN’T THE ANSWER FOR MOST OF US
IS THERE A WAY TO HAVE EVERYONE
COMPLY WITH POLICY WITHOUT
ENCOURAGING RISK TAKING?
THE PASSWORD POLICY IS IMPORTANT IN PRESCRIBING PASSWORDS BUT ENCOURAGES RISK TAKING
PASSWORD COACH IS AN INTUITIVE, REPEATABLE DRILL THAT GUIDES EMPLOYEES IN THE USE OF POLICY COMPLIANT PASSWORDS AND RENDERS POLICY WORKAROUNDS REDUNDANT
PASSWORD COACH YES THERE IS!
MAKING RISKY POLICY WORKAROUNDS REDUNDANT
At work, Jim is required to change his password every month
Jim is pretty sure that he is not going to remember his new password and typically solves the problem with a sticky note
MEET JIM JIM’S DIY PASSWORD MANAGEMENT PROCESS INVOLVES A FAIR AMOUNT OF RISK
JIM IS NOT A BIG FAN OF PASSWORD CHANGE DAY
Rather than leave staff to their own devices on password change day, the security team has enrolled the entire company in the Password Coach’s safe password program
Jim is cautiously optimistic
THE COACH’S PROGRAM A HELPING HAND WITH POLICY COMPLIANCE
PROACTIVE ASSISTANCE TO MAKE COSTLY AND RISKY POLICY WORKAROUNDS REDUNDANT
As part of the program, each employee has been allocated a version of the Employee Guide to Essential Password Security, which has been customised for the business
MEET THE COACH THE NO SOFTWARE ALTERNATIVE TO DIY PASSWORD MANAGEMENT
THE COACH IS DESIGNED TO HELP US ALL USE PASSWORDS IN A SMARTER AND SAFER WAY
THE 3 STEP DRILL FOR
SECURE PASSWORD
GENERATION AND RETRIEVAL
HOW IT WORKS
It’s the first of the month and time once again to set a new system password. Jim has already sat through the short Password Coach training video and has his secret 12 step password pattern ready to go.
STEP 1: PREPARATION THREE STEPS TO SECURE PASSWORD GENERATION AND RETRIEVAL
JIM HAS MEMORISED A SIMPLE PATTERN THAT HE’LL USE TO GENERATE HIS PASSWORDS
Jim clicks open his Employee Guide and navigates to the right page for the current month
Jim thinks back to his secret password pattern and mentally overlays it onto the Guide to visualise his new secure password
STEP 2: VISUALISATION THREE STEPS TO SECURE PASSWORD GENERATION AND RETRIEVAL
JIM MENTALLY OVERLAYS HIS SECRET PATTERN TO GENERATE A PASSWORD
Jim taps in the new password to complete the change
STEP 3: PUT IT TO WORK THREE STEPS TO SECURE PASSWORD GENERATION AND RETRIEVAL
JIM NOW HAS A WAY OF RETRIEVING HIS PASSWORD WITHOUT HAVING TO REMEMBER IT OR WRITE IT DOWN
HewillbereferringtothateverydayandsoJimleavesitwithineasyreach
JimthenprintsoffthepageintheGuidethatheusedtogeneratehisnewpassword
3 SIMPLE STEPS TO HELP STAFF GENERATE
POLICY COMPLIANT PASSWORDS WITHOUT ANY OF THE USUAL
STRESS, COST AND RISK
THAT’S IT!
Reducedopera>ngcosts.NomoreDIYpasswordmanagement.Fewerriskybehaviours.Moreproduc>vity.Lessstress.
Easytobuy.Fullyhosted.NosoGwaretoinstallorsupport.Saferstaff–athome,atworkandontheroad
DON’T LET YOUR PEOPLE SOLDIER ON WITH COSTLY & RISKY DIY PASSWORD
MANAGEMENT
GET THE COACH IN For more details drop us a line at [email protected] or call Simon on +61 499 077 190
Download a sample Employee Coaching Guide from www.passwordcoach.com/enterprise
PASSWORDS SCRIBBLERS FUN FACTS
AN ALARMINGLY HIGH PROPORTION OF INFORMATION PROFESSIONALS WRITE THEIR PASSWORDS DOWN
9%saidtheywritedownpasswordsinafile/documentontheircomputerinaplain,unprotectedformat14%saidtheywritedownpasswordsinafile/documentontheircomputerandprotectbypassword7%saidtheywritedownpasswordsinafile/documentonaremovabledevice(i.e.,USBs>ck)8%saidtheywritedownpasswordsinafile/documentontheirsmartphoneortablet6%saidtheywritedownpasswordsonas>ckerthatisstoredneartheircomputer20%saidtheywritedownpasswordsinanotepad
Q:Whichofthefollowingmethodsdoyouusetostorepasswordsandpasswordreminders?
Related Documents
![An Accelerated Approach to Safely and Efficiently Test Pre ...arxiv.org/pdf/1805.02114v2.pdfon-road deployment, becomes time-consuming, risky, and costly [2], [3], [4]. Google cars,](https://static.cupdf.com/doc/110x72/5fa0d00b133adc5a260fb79b/an-accelerated-approach-to-safely-and-eficiently-test-pre-arxivorgpdf1805.jpg)
