Password management is always a challenge. Not only do users prefer never to change their passwords, they also like to keep them as simple as possible.
Today we’re not going to dip our toe into the very deep water of how to write good password policy. We’re really here to show you how Shield can align with the password policy you may already have written.
Before we start, a word of caution about passwords and business continuity plans. We all would like to think that recovery team members are diligently logging into their plans on a very regular basis. We like to imagine they regularly keep things up to date and familiar. But let’s face it, people get busy. When deadlines hit and workloads pile up, routinely checking on that business continuity plan becomes a lower and lower priority. Before you know it, users have forgotten the password they need to even access the plan.
Now this is not true for every organization. We share this with you only to make you consider your organization’s culture and ensure that it aligns with how strict your password policy is. The last thing you want is your team members locked out of their plans when disaster strikes because of a very strict password policy.
At KingsBridge we recognize that every organization is different, so in the tradition of Keeping It Simple and Straightforward, we leave the password policy options up to you. Here are the password policy options available to our Gold and Platinum Shield subscribers.
Custom Character Limitations.
The strength of a password is a function of a number of password characteristics. These include length, use of special characters and overall complexity or unpredictability. You can choose a general password strength that your Shield users need to adopt by selecting Average, Strong or Very Strong.
Alternatively you have the option of selecting your own character limitations on passwords. Options available include ‘at least one number’, ‘at least one uppercase letter’, ‘at least one symbol or special character’, ‘no consecutive identical characters’, or setting a minimum password length.
Password Expiry Rules.
Perhaps you’re less concerned about the structure of the passwords your users choose and more concerned that they change their passwords frequently. Shield allows you to set a frequency with which passwords will expire. You can choose either the number of days since the user last changed their password or the number of days since the user last logged in.
Account Lock-Out Rules.
Sometimes it’s not your users you’re worried about but rather less savoury individuals that try to hack you by just trying password after password. To mitigate this risk Shield allows you to set Account Lock-Out Rules. You can establish not only how many failed login attempts a user is allowed but also the lock-out duration when the user hits that attempt limit.
Password Reuse Rules.
Even with rules enforcing regular password changes, sometimes users just alternate between the same two passwords every time. To limit this behaviour, Shield allows you to block password reuse so that passwords cannot be reused within the number of days you establish. Alternatively you can establish how many passwords a user has to use before they can begin reusing passwords.
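To make the character and reuse options above concrete, here is an added example that is not Shield's own code: a Python sketch of how such a policy can be evaluated, with old passwords kept only as salted hashes. Every function name, rule key and sample value is hypothetical, and the PBKDF2 settings are an assumption rather than anything the page states about Shield.

```python
import hashlib, hmac, os, re
from datetime import datetime, timedelta

# Character options listed above; the dictionary keys are hypothetical names.
CHAR_RULES = {
    "number": lambda p: re.search(r"\d", p) is not None,
    "uppercase": lambda p: re.search(r"[A-Z]", p) is not None,
    "symbol": lambda p: re.search(r"[^A-Za-z0-9]", p) is not None,
    "no_repeat": lambda p: re.search(r"(.)\1", p) is None,
}

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(history, password, when):
    """Append a salted hash (never the plaintext) to the user's history."""
    salt = os.urandom(16)
    history.append((when, salt, _hash(password, salt)))

def check_new_password(password, history, now, min_length=12,
                       rules=tuple(CHAR_RULES), reuse_days=None, reuse_count=None):
    """Return the list of violated rules; an empty list means accepted."""
    failed = [name for name in rules if not CHAR_RULES[name](password)]
    if len(password) < min_length:
        failed.append("min_length")
    # Pick the old passwords that are still blocked: by age or by count.
    if reuse_days is not None:
        blocked = [h for h in history if now - h[0] < timedelta(days=reuse_days)]
    elif reuse_count is not None:
        blocked = history[-reuse_count:] if reuse_count else []
    else:
        blocked = []
    # Each entry has its own salt, so the candidate is re-hashed per entry.
    if any(hmac.compare_digest(_hash(password, s), d) for _, s, d in blocked):
        failed.append("reuse")
    return failed

# Constructed sample history for one user (oldest first).
NOW = datetime(2024, 6, 1)
HISTORY = []
remember(HISTORY, "Winter#2023x", NOW - timedelta(days=200))
remember(HISTORY, "Spring#2024x", NOW - timedelta(days=100))
remember(HISTORY, "Autumn#2024x", NOW - timedelta(days=10))
```

The same candidate can pass under a day-based reuse window and fail under a count-based one, which is worth checking against your written policy before choosing between the two settings.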
If you’re looking for really tight security, two-factor authentication is also an option. When logging into Shield, users will receive a password via email. If you use BEAM, our integrated notification system, two-factor authentication via SMS is also available.
So make sure your Shield software aligns with your company’s policies. That way when the auditors arrive or your Information Security staff come growling, you’re prepared.