When good employees go bad: protective password policies

BombSomething all business owners face from time to time is an employee who doesn’t work out. And every so often, one of these employees turns vindictive. As a tech consultant, I’ve heard stories that blow my mind, things I never thought someone would really do. 

Possibly the worst – an ex-employee from an internet service provider wiped out all their email. When I say all their email, I mean ALL their email, including all their customers’ email! Not only did the company lose big in terms of recovery effort, they lost tons of business and had to work their tails off to make good with all the rest who stayed. No lawsuit makes up for that kind of damage.

In another case, a financial services company, a former employee guessed at an old server password and used a few tricks straight off Google to plant a very destructive virus bomb that took them down for over a week. Anyone care to calculate the cost of lost productivity?

Protect Yourself!

Simple precautions make all the difference in the world:

  • Keep network and server passwords in a safe place, so that only a few people have access to them
  • Change passwords regularly, across the company
  • Use passwords that are difficult to guess, with combinations of upper and lower case letters, numbers, and special characters, and a minimum length requirement of at least 6-8 characters
  • Avoid “dictionary” words in any common language as these are easy to hack with the right software tools
  • De-activate accounts or change passwords immediately after an employee leaves or is terminated, including any web-based or other remote access

While we can always hope for a graceful parting of ways, these precautions will keep you safe either way. With such high stakes, why take the risk?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s