Password Management Strategies for Safe Systems: Offense and Defense

BY JAMES F. LEON

Editor's note: This is a Web-exclusive exhibit for "Password Management Strategies for Safer Systems."

Primary Security Risks Effective Countermeasures
Failing to enhance password security in order to focus on searching for a “perfect” security system and obtaining more funding.
  • Immediately improve password security procedures.
Implementing new system security procedures or a new security system without adequate planning and full knowledge of current system’s capabilities.
  • Learn how current system stores and protects passwords.
  • Observe employees' password-related practices (for example, check for notes near monitors).
  • Identify security system capabilities necessary to ensure employees' adherence to password security requirements.
  • Perform a thorough needs analysis before buying new security software.
Inconsistently enforcing safe password practices.
  • Obtain high-visibility, senior management support of safe password practices, and publicize them to all employees.
  • Enforce all safe password practices without exception.
  • Make adherence to safe password practices a condition of employment.

Also read these other Web-exclusive exhibits:
Safe Password Practices
Glossary of Key Terms

SPONSORED REPORT

6 key areas of change for accountants and auditors

New accounting standards on revenue recognition, leases, and credit losses present implementation challenges. This independently-written report identifies the hurdles that accounting professionals face and provides tips for overcoming the challenges.

PODCAST

How tax reform will impact individual taxpayers

Amy Wang, a CPA who is a senior technical manager for tax advocacy at the AICPA, answers to some of the most common questions on how the new tax reform law will impact individual taxpayers.