One simple way to keep your information secure is to make sure you and your employees use strong passwords. How can I determine whether or not my password is strong? There are three factors.

The strength of a password can be determined by its: 

   Length

  Complexity

  Randomness

Password Length is the number of characters that are used in the password. The longer a password is, the more difficult it is to guess.

Password Complexity involves the characters used to form a password. A complex password uses characters from at least three of the following categories:

   English uppercase (A-Z)

   English lowercase (a-z)

   Digits (0-9)

   Nonalphanumeric characters (!@#)

   Unicode characters

Password Randomness is a password that does not make sense and so it is not easily guessed by others.

To keep your information safe it is important to have an expiration date on all passwords. This is known as maximum password age. There is a setting in Windows which your administrator can use to choose how many days there will be before your password expires. There is also a minimum password age setting which determines the amount of days that a password must be used for before a user can change it. There is also a setting that determines the number of unique passwords that you have to use before you can re-use a password. This is known as password history. Password history stops users from repeatedly using the same password. This will help to keep your companies information safe.

It is important to constantly remind your employees of this to make sure to keep your company’s data safe.

Account lockout is the amount of incorrect logon attempts allowed before the system locks an account. Using this will allow you to stop people from being able to access your information if they cannot get your password after a limited amount of tries.

Microsoft provides three separate settings with respect to account lockout:

  Account lockout duration

  Account lockout threshold

  Reset account lockout counter after

Account lockout duration is the amount of time you will be locked out of your account for as a result of too many incorrect password attempts. This should be set by your company’s administrator.

Account lockout threshold determines the amount of failed logon attempts set that will cause you to be locked out of your account. This issue can only be resolved by the administrator of your company resetting the account or the time specified by the account lockout duration expiring.

Reset account lockout counter after determines how many minutes there must be before the amount of bad logon attempts resets. This only has meaning when the account lockout threshold is specified.

Using the same password for multiple accounts

It is NOT a good idea to use the same password for different accounts. If you did a hacker would be able to log in to your businesses documents, your social media page and much worse. They could do all of this just by finding out your computer logon password. That is why each of your passwords should be different.

Password Strength

To give you an example of a way to make a password difficult to guess but easy to memorise here is a comic on password strength made by https://xkcd.com/936/

Password Manager

A problem that many people have is that they forget their passwords. In order to remember your passwords it would be a good idea to use a password manager tool. Password manager is a software app that allows the user to store all of their passwords. This app will encrypt them and once you enter your password for the app it will give you access to all of your passwords.

I have a table below to show the prices, compatibility and features of different Password Manager Applications. Different Applications are suitable for different computers. This table should help you to decide which Password Manager App you want to use.

The one that I would recommend is RoboForm Everywhere because it is fairly priced, works with most operating systems, most devices and browsers and if anything goes wrong it is easy to get in contact with them.

Nowadays, Ransomware and cyber-attacks have become common threats on the internet. Based on a recent security breach survey by the government and conducted by PWC in 2015 shows that

​ 90% of large organisations and 74% of small businesses had a security breach, this is an increase on the 2014 and 2013 figures

 the average cost to a large organisation started from £1.46m and from £75 on average for a small business

These figures only show how important it is to be protected against these continuous evolving cyber-attacks and anti-malware. It is crucial to any business having a sophisticated Anti-malware software working in conjunction with a resistant firewall.

However choosing the correct firewall has been a time consuming and tremendous challenge for anyone especially small businesses, decisions on which infrastructure to take, resources to invest and so on – Welcome to the cyber jungle!

How can a firewall help?

Firewalls can be either soft or hardware based or both. A Hardware firewall is typically found in a network/ broadband router and includes firewall features. Software firewalls are personal firewalls, which protect a single PC however some enterprise firewalls have both.

 ​   Blocks or prevents unauthorized access to a network

    Barriers to keep critical elements out of a network

    Works as filters for your network traffic by blocking incoming packets (small chunks of data) of information that are seen as unsafe

    Control traffic flowing in and out of networks through packet filtering, which is filtering and analysing chunks of data

What is important to know when it comes to decide for a firewall?

    Ensure your business is protected and has got the appropriate up-to-date anti-virus in conjunction with a resistant firewall

    Your type of business: Are you a small to medium sized company or an enterprise?

    What is your market: For example a financial company needs extra comfort and security and therefore may need latest and top of the range firewalls

    Is your staff working from home or other locations outside the office and uses VNP connection or cloud products?

    What features are you looking for from within a firewall? Will you require UTM features? Unified Threat Management is a category of security      
        appliances such as anti-virus, email security, application filtering, web filtering?

  Have a short list of rules for the firewall to implement for the applications, i.e. block video in Google+ hangouts however allow videos in Skype
  Choose a firewall with accurate random access memory RAM
  Be aware of Network address translation choices (NAT) choices when choosing your firewall

   Ensure that your employees understand the companies’ security policy when working from outside the office or with their own device 
       Bring Your Own Device ‘BYOD’)