The Algorithm Blog

Enhancing ERP Password Security in 2020

Here's What You Can Do to Build-Up Your ERP Password Security

At its core, your ERP software is more than just another productivity solution. Exact Synergy and Acumatica solutions offer state-of-the-art security measures like two-factor authentication. They’re always protected by up-to-date security patches and are fully compliant with current industry regulations. They’re built to meet only the strictest privacy and security requirements like PCI Level 1.

But ultimately, none of that will mean a thing if weak passwords are “protecting” them from prying eyes.

If the cybersecurity landscape feels like it's growing more dangerous all the time... that's because it is. Varonis recently found that there were almost 4.1 billion records exposed during data breaches in the first half of 2019 alone. A separate study conducted by the University of Maryland revealed that hackers attack both individual and business users about once every 39 seconds — or an average of roughly 2,244 times during a single day.

But what a lot of people don't realize is that hackers are rarely teams of trained professionals located in a bunker somewhere halfway around the world, desperately trying to crack into your systems. In many of these cases, you're talking about average people with malicious intentions who don't have resources that are any more sophisticated than yours are — they just know how to exploit a vulnerability when they see one.

In nearly all situations that vulnerability ultimately comes down to the exact same factor:

Your passwords.

Another study by TraceSecurity revealed a massive 81% of ALL company data breaches were successful because hackers exploited poor passwords within those organizations. Yes, a password can often act as your first line of defense against the types of people who want to do you harm. But it can also be your single biggest liability if you're not careful.

You can't necessarily stop yourself from becoming the target of hackers in the modern era — but with the right password best practices at the heart of your business, you can prevent yourself from becoming a victim, which is the thing that matters most of all.

Based on how important password security is to ERP solutions, here are some helpful tips, tricks and best practices that you can use to beef up your password security as we move further into 2020.

  1. Use Multi-Factor Authentication Whenever Possible

According to the third annual Global Password Security Report from the people at LastPass, only about 57% of global businesses are currently using multi-factor authentication. This is an increase from the 45% total of the previous year, but it still proves that we have a long way to go.

Multi-factor authentication means that even if your password is compromised, a hacker still can't gain access to your accounts without physical access to a secondary device. Therefore, you need to enable multi-factor authentication on whatever accounts and solutions support it — and you need to do it immediately. Exact Synergy, for example, has this functionality built in. The same will be true of other ERP solutions.

  2. Implement Strong Password Best Practices

For the absolute best results, your business should implement security policies that require the strongest passwords possible. Here are some best practices recommended by experts:

  • Choose passwords with as many characters as possible (more than ten).
  • Include both upper- and lower-case letters.
  • Use a mixture of numbers, letters and special symbols, which will dramatically increase password security.
  • Consider uncommon words and phrases that can’t be easily guessed.

Likewise, business leaders should create policies (and employees should embrace them) that dictate they should never reveal their passwords to others. They should be treating account passwords the same way they would something like an ATM PIN. Finally, make sure your policy involves requiring employees to change their account passwords on a regular basis — at least once every six months is usually recommended. 

  3. Never, Ever, Ever Reuse Passwords

According to the LastPass study, the average employee reuses a password about 13 different times. This means that if your employee uses the same password on their personal email that they do for their Exact Synergy account and that email provider gets hacked, guess what? Your ERP business just got hacked, too.

Again — you need to make it a natural part of your business's security policy that people are not to reuse passwords under any circumstances. There should also be very real consequences if anyone is found to be in violation — the stakes are truly high enough to justify them. 
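The composition rules and the no-reuse rule above can be enforced at password-change time. The following is an added example, not code from Exact, Acumatica or any product named here; the function names, the small denylist and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 11  # the list above asks for "more than ten" characters
# Constructed sample denylist (assumption); a real deployment would load
# a much larger list of common and breached passwords.
COMMON_WORDS = {"password", "welcome", "qwerty", "letmein", "admin"}

def policy_violations(password):
    """Return the names of the rules above that the candidate breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    if not (any(c.islower() for c in password)
            and any(c.isupper() for c in password)):
        problems.append("mixed-case")
    if not any(c.isdigit() for c in password):
        problems.append("digit")
    if not any(c in string.punctuation for c in password):
        problems.append("symbol")
    if any(word in password.lower() for word in COMMON_WORDS):
        problems.append("common-word")
    return problems

def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256, so the history never stores plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest

def is_reused(password, history):
    """True if the candidate matches any (salt, digest) pair in the history."""
    for salt, digest in history:
        _, candidate = hash_password(password, salt)
        if hmac.compare_digest(candidate, digest):  # constant-time compare
            return True
    return False

def accept_new_password(password, history):
    """Apply the composition rules, then the no-reuse rule: (ok, reasons)."""
    reasons = policy_violations(password)
    if is_reused(password, history):
        reasons.append("reused")
    return (not reasons, reasons)
```

A history check like this only sees passwords previously set on the same system; it cannot detect the personal-email reuse scenario described above, which has to be handled by policy and a password manager.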

  4. Employ a Password Manager

Passwords that are as long and as complicated as the best practices above require (and that cannot be reused) will naturally cause people a bit of stress as they try to remember them all. To help relieve this burden while also fortifying your defenses, enlist the help of password managers like OneLogin, LastPass or Password.

Not only will these password managers generate stronger passwords than most people could come up with on their own, but they'll also store them in a secure database for easy access — thus making it easier, not harder, to create the strong passwords we need to protect ourselves.

  5. Make It Mobile

Finally, understand that the people at LastPass discovered that the ability to access passwords on a mobile device like a smartphone or tablet "significantly improves the experience of using a password manager" — thus empowering the employee adoption of password management across the board.

But despite this, only about 23% of employees currently have access to their password vault on their smartphone — a number that absolutely needs to increase sooner rather than later.

Your business should not just provide password manager access — they should also make sure they’re using a solution that is compatible with the Android and iOS devices people already own. Employees and business leaders are probably already using Acumatica and Exact’s array of mobile apps — why not go one step further and let them access their password manager the same way?

Password security is ERP security

If you give your employees the tools they need to stay safe online, you significantly increase the chances that they will actually use them. More often than not, this can mean all the difference in the world for your business. These are small steps to take in order to make huge strides in enhancing your ERP password security in the new year.

 
