Editor's note: This is a Web-exclusive exhibit for
"Password
Management Strategies for Safer Systems."
| Primary Security Risks |
Effective Countermeasures |
| Failing
to enhance password security in order to focus on searching
for a “perfect” security system and obtaining more
funding. | -
Immediately
improve password security procedures.
|
| Implementing
new system security procedures or a new security system
without adequate planning and full knowledge of current
system’s capabilities. | -
Learn
how current system stores and protects passwords.
-
Observe
employees' password-related practices (for example, check
for notes near monitors).
-
Identify
security system capabilities necessary to ensure
employees' adherence to password security
requirements.
-
Perform
a thorough needs analysis before buying new security
software.
|
| Inconsistently
enforcing safe password practices. |
- Obtain high-visibility, senior management support of
safe password practices, and publicize them to all
employees.
- Enforce all safe password practices without exception.
- Make adherence to safe password practices a condition of employment.
|
Also read these other Web-exclusive exhibits:
Safe
Password Practices
Glossary of Key Terms
