World Password Day: Do's and Don'ts for your organization
Reading time: 3 minutes
There’s no way around it! Nowadays, every app, online shop or service expects you to log in. Sure, people create that new account, but they don’t always use a new password. And we are long past the time where only you yourself are responsible for your online safety. The first Thursday of May is World Password Day and we‘ll give you some do’s and don’ts to ensure the data of your employees is in safe hands.
Don't: Get stuck in habits
Need to create a new account? No problem! You just quickly enter your email address along with one of the passwords you already use elsewhere. Your password is long and complex enough that no one could ever guess it, right? Nothing could be further from the truth.
Even if you are convinced that nobody could ever guess your password, it is still stored on the worldwide web – meaning the password ends up in a database and could simply be out in the open after a hack or a data leak. Has your password been stolen? Change it immediately!
Encourage your employees to create a unique password for each platform. Tell them why it’s important to do so and remind them regularly. That way you will create a safer environment together!
Good to know: As an organization, you can take many measures to counter cyber risk. In doing so, you can have the systems fully secured, but don’t forget that employees can also be a big risk. Do they know how to choose safe passwords? And how to handle these passwords? It sounds obvious, but how many people share their passwords with others? Write them down on a piece of paper? Or store them in their phone? With e-Learning or an online training, you can remind people to handle their passwords in a safe way. This way, there are fewer security risks!
Do: Hello Multi-Factor Authentication (MFA)
Organizations, like FLOWSPARKS, that no longer consider a password on its own to be sufficiently secure, choose Multi-Factor Authentication. Multi-Factor Authentication (MFA) is a method in which you identify yourself online by using multiple factors. This can be something you “know” (a password), something you “have” (an app on your smartphone, a text message or a mailbox) or something you “are” (a fingerprint). Chances are incredibly small that someone with bad intentions has access to your password as well as your mobile phone or fingerprint.
Do: One single gateway
What if you only required one account on a secure, trusted environment that allowed you to access multiple platforms? This technique is called Single sign-on (SSO), and more and more FLOWSPARKS customers are using it. By linking content to their Active Directory or LMS, there is only one secure access point that people need to enter in order to access multiple applications. Great for the organization and a lot more user-friendly for your employees!
Don't: Stand still
Technology is always evolving and so are passwords, databases and authentication. That’s why, when choosing a new tool or platform, we advise you to carefully consider the security policy.
In addition, to keep everyone within your organization alert, you need to repeatedly pay attention to and remind them of security. This can be done through periodic communication or short (online) training courses.
FLOWSPARKS and ISO 27001
At FLOWSPARKS, we always keep track of the latest developments. We strive to offer different options for our users to safely log in to our systems. Therefore the FLOWSPARKS platform works according to the guidelines of the ISO 27001 standard. This means that there is a certified management system in operation for development, management, maintenance and support of the digital learning environments. With several FLOWs, we ensure that data of customers and their learners are processed in a safe manner.