How To Maintain Password Security During The Pandemic

How To Maintain Password Security During The Pandemic

If you’re worried about IT security during the pandemic, you’re not alone. You might have built your training and processes based on your staff working from the office. That was a known environment. Over a matter of weeks, millions of people have moved to full-time remote work. Staying secure during the coronavirus is a challenge, but it is one you can meet with a few techniques.

Pandemic IT Security: Start With Risk Assessment

Before you launch into new technology or other changes, you first need to gather information and assess your risks. The pandemic and social distancing measures reduce some threats and create others. Use these discussion points to clarify the security risks for your organization. 

●  Identify Portable Assets. Many of your staff will have corporate phones and laptops. Review your IT hardware inventories and make sure all devices are accounted for. Some laptops may have been misplaced during the scramble to set up remote work. You need to track down those devices quickly. If they remain unaccounted for, you face increased security risks.

●  Check With Vendors and Suppliers. Ask your vendor managers to reach out to critical suppliers. Ask them about their operations, staff and ability to meet requirements. Some industries — like outsourced call centers for customer service — are operating at 50% capacity. Other call centers are rapidly implementing remote work for the first time. Given the impact on your company’s confidential data, you need to understand how your vendors are reacting. If a vendor shuts down, deactivate their passwords while they are away to reduce your risk.

●  Check In With The IT Help Desk For Early Issues. As you scale up remote work, your help desk will receive requests that have security implications. For instance, if staff ask for permission to use home printers to print corporate documents, there are IT security implications to that request. Establish a weekly meeting between IT security and your help desk to discover these issues. Likewise, look for data on the number of password resets and sign-on attempts using multi-factor authentication.

●  Maintain Physical Security Measures At Your Offices. Your empty office buildings pose a security risk. Find out what monitoring systems you have in place, such as third-party security guards or security card access logs. Regularly reach out to facilities and security to detect potential security problems. Likewise, a single thief could find all those “hidden” passwords on post-it notes and scraps of paper in just a few minutes!

Through this process, you will identify a few new risks that need to be managed. All of these considerations will have an impact on password security.

Increase Your Communication On Security Fundamentals

Now that you have better information on your security risks, you will be able to communicate with employees more effectively. During the pandemic crisis, employees are going to be distracted, and their old security habits may slip. Guide employees to maintain good habits by regularly communicating on the following themes. 

●  Password Security Is Everyone’s Job. Some security tasks require specialized expertise. Passwords are different. Every employee has a role to play in protecting their password.

●  Make Password Resets Easily Available. During the pandemic crisis, employees are going to feel more stress and anxiety. That means people may forget their passwords or make too many invalid login attempts. Reassure your staff that password resets are available to them whenever needed.

●  Discourage Poor Password Habits. In the office, writing down a password in a notebook is a bad habit. At home, it can be much worse. What if a password scrap of paper ends up in the garbage or seen by somebody else? These scenarios are real possibilities. If you have already developed a password security training for employees, refer your staff to those resources.

As a starting point, start by sending a weekly security bulletin to all employees for the first few weeks of large scale remote work. After that point, target your password security communications to departments that need more help. For example, a department with a large number of casual or part-time staff may need more guidance on how to use and protect passwords.

Support Better Password Security With Technology

At first, switching to a fully remote workforce may have felt like a shock. However, it is quickly emerging as the new normal. Therefore, it is your job to find ways to support staff working remotely with easy password security. There are two types of security software solutions you need to consider. 

●  Single Sign-On Software. It is much easier to stay on top of your passwords when you only have one to keep memorized. Unfortunately, most professionals have more than a dozen passwords to keep straight! With single sign-on, you can give users a single password they can use to access everything on your network. 

●  Make Password Rests Available 24/7. Life happens. You came back from vacation and forgot a password. Or you’re under stress about an upcoming meeting and enter your password incorrectly too many times (it has happened to us!). These issues will come up. During the pandemic, you are probably going to have reduced capacity in some departments and longer working hours in other areas. That means your IT help desk may not be able to keep up with all of the password reset requests. To solve that problem, install an IT security chatbot that can provide password resets whenever your employees need them.

IT Security During The Pandemic: Embrace Flexibility and Adjust

Switching your entire organization to remote work quickly is bound to cause some operational difficulties. In some cases, your staff might become frustrated at overloaded systems like a VPN (virtual private network) or conference phone systems. With password security, you are going to face more demands for service and support. As these issues come up, take a balanced approach between enforcing password discipline and recognize that employees are struggling through a crisis. The more you can provide training and coaching to your employees on password best practices, the more successful they will become.

Written by Nelson Cicchitto