Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

IT Security Rules Facilitate Data Breaches


We all have been told by Corporate IT that we must have complex passwords, they must have a minimum of eight characters, don’t use the same password for other sites, and change them every 60- to 90-days. While these may seem like great practices, these rules could facilitate a security breach.

While this does set up a strong password security from IT’s perspective, it also forces employees to circumvent the security for their own convenience: Writing passwords on notes by their computer, having an Excel spreadsheet store all ones passwords on the desktop, or storing them all in the cell phone.

The password management component is the problem, thus companies need to also install solutions that are both secure and convenient. Some of the top brands are Power LogOn, RoboForm and IDVault. They all tackle the security problem a little differently, but they all are solid, robust products. Some products are designed more for the consumer market while others are specific to businesses. Some also offer different types of technologies like on computer storage (a wallet), memory sticks, servers, smartcard and super secure dongles.

To blanketly say one product is better than another is wrong. Every technology and solution has its place when compared to the risk, data importance and cost. So, before purchasing anything here are some questions you might want to consider:

  1. How important is the data such that if lost or stolen, what would it cost?
  2. How much time and effort will it take IT to learn and install?
  3. As employees come and go, how are licensing fees handles (new purchases or recycle)?
  4. If the token is lost or stolen how secure is the data and how difficult is it to get the employee back up and running again?
  5. Can other services be added to the solution like ID badging, building access control, payment, etc. and does it matter?
  6. Flexibility in working with different computer configurations – laptops, desktops and network computers?

I am the CEO of Access Smart who has developed Power LogOn. Many may think my answer would be to only support our products, but I don’t. It really depends on your unique circumstances, needs, and the most important point, the ease of use on employees and IT. Therefore, I recommend that every company use something if they want to help stop the theft of passwords and reduce the risk of an expensive breach.

Comments are closed.