One of the focuses of the Windows 10 operating system was its improved security overall. While it does still dwarf it’s older versions in comparison; one aspect even your Operating System can’t fix by itself – user behavior.
That right, your operating system, can only assist, guide, or require you to change your password, never focusing on its complexity. Microsoft has long stood-by their policies, that passwords should expire after so many days, to prevent compromised credentials. Microsoft has done numerous studies when push comes to shove in most cases when employees are forced to change passwords, they make a small alteration to the existing password and hit save. For many, this includes symbols and numbers tagged to the begging or end of our credentials, to fulfill this task, before beginning our work.
In Microsoft’s latest release Patch #1809, they’ve updated password policies in the operating system’s including many application’s Security Baseline, making ALL passwords expire, by force. Although this doesn’t impact password length, history, or complexity we are moving towards much more secure environments. As many of these vulnerabilities, 77 in total related to business-line products used in our everyday working life. These won’t be the only changes, those utilizing the following Microsoft Solutions will receive security updates for two zero-day events: Internet Explorer, Microsoft Edge, Microsoft Office, Azure DevOps, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server.
Business’ and employees that have a security-focused mindset, whether from Security Awareness Training, are aware of the role passwords play in an attack. To sufficiently secure your data, organizations seeking to leverage these tools to broaden their current security stance can look towards our in-house experts and close working relationship with Microsoft Support to build the latest guidance for securing employees and business data.
- Banned Passwords
Built to battle simple passwords, and users from sticking with default passwords, making it that much more frustrating to hackers. By stopping users from using passwords like “123456” and “1Password!!” your organization can block the use of these commonly stolen credentials.
- Multi-Factor Authentication
Known by many as “MFA,” it’s grown common practice for most industries to require every employee within the organization to utilize more than one path for authentication. This company stance should be leveraged across your entire business, even if they ONLY have access to email.
By employing the use of these alternative controls, businesses can begin leveraging employees as their first line-of-defense. Begin to offset the potential for increased security vulnerabilities and risks, commonly seen today, educating your employees on proper password hygiene, length, and complexity, your business can easily meet the security needs of your customers and your employees.
Want the experts to educate your staff and assist your network hygiene efforts – give us a call today!