The Weakest Link In Your Business

Carl Mazzanti is the president of eMazzanti Technologies in Hoboken.

Businesses of all sizes, but particularly small- and medium-sized ones, are at risk of a particularly sneaky Cyber Security threat. This peril – the weakest link – is unique because it is hidden in plain sight and springs from an unlikely source: Family.

The fact that the hazard is often unintentional does not reduce the risk – indeed, the very nature of family (including trusted employees, friends and relatives, as well as siblings, children, parents and other bloodline relations) tends to increase the odds of a successful cyber incident.

Why? Because a business owner or other individual with access to sensitive data is more likely to share passwords, devices and other “keys to the business” with a member of their (extended) family in the belief there is less chance of misuse by a trusted individual. But that is a mistake — even if the business has robust Cyber Security services in place — because a family member does not have to be malicious in order to do harm.

Remember that once you hand over a password to another person, you simply do not know how they will handle it. One danger is that they may jot down the password, or share it with someone else who may then share the password with another individual, all the way down the line until it reaches an ill-intentioned person. Or the trusted individual you originally handed it to may write it down on a piece of paper that is left in an unsecured location — leaving it visible to unauthorized parties. Regardless of the specific circumstances, your password’s next stop is likely to be the Dark Web or some other menacing location.

Shared devices are another common threat vector. How many times does a small-business owner bring his or her laptop home, and a spouse or child asks for access so they can do homework, create a shopping list or engage in some other innocent task? The problem is that the owner has no way of knowing what happens next. That assignment your son or daughter is working on will likely require them to log onto their school’s network — and just how secure is it? Or, as children, adolescents and even young (and older) adults are prone to do, they may log onto a gaming or other site — or even check and open their email — potentially enabling a program to covertly download malicious software onto your device.

Once a device leaves your hand, you are no longer its custodian and typically have no way of knowing how the device is being used, until it is too late. The danger may be compounded by the use of certain browsers, which, depending on their settings, may display a list of stored passwords, including those of bank accounts and of other sensitive data.

Finding a Solution for the Weakest Link

Fortunately, the solution is simple — although it may not be painless: restrict access to passwords and devices on a “need to know or use” basis. Do not circulate passwords unnecessarily; make sure you change them on a regular basis, and do not use the same password for multiple accounts. To further safeguard a password, consider using a password manager, a software application that is designed to store and manage online credentials. A password manager also creates passwords, and usually stores them in an encrypted database that is locked behind a master password.

Along with that, consider utilizing MFA, or multifactor authentication. This adds a layer of protection by adding a step to the sign-in process before email and other accounts or apps can be accessed. When MFA is enabled, a user trying to access his or her own account, or a hacker trying to hijack one, will first be prompted to provide an additional identity verification, such as scanning a fingerprint or entering a code received by a phone or other device registered to the legitimate user.

Perhaps the toughest part about all this is informing your family member or other person that they no longer have access to your device, or that you will no longer share your password with them. Some people have a difficult time understanding the importance of security protocols, and how dangerous it can be to bypass them. But the effort is worth it. If a hacker gets access to your personal or business accounts — and often, entry to one results in entry to the other — the hacker will be like a kid in a candy shop, grabbing all the goodies they can.

 


Michaela Mazzanti

Marketing Coordinator at eMazzanti Technologies

Michaela Mazzanti has 10 years of experience in marketing management at IT companies. She has developed a deep understanding of clients' needs and how she can help them stay competitive and ahead of the competition.

Thanks to her experience acquired at eMazzanti Technologies, Microsoft’s four-time Partner of the Year and one of the premier IT consulting services, Michaela has a detailed understanding of Microsoft and related technologies including M365 (SharePoint, Teams, OneDrive), Azure and SQL Server.
