UBP blog

02/16/2010

The Security of your Identity is only as strong as the passwords you keep—Part 2

As discussed in the previous blog post, your passwords are often your only barrier protecting personal information from the prying eyes of identity thieves. So, it goes without saying that they should be kept both strong and secret.

We’ve gone over how to make your passwords strong. Here are 4 steps that you should take to make sure they’re kept secret:

1. Don’t write your passwords down:  The safest place to store your passwords is clearly your own mind, which is why they should be relatively easy for you to remember. However, if you’re someone with a lot of different passwords to different accounts, you might need to write them down somewhere to remember which one is which.

If this is you, you’ll need to be extra careful about where you put them. Avoid keeping them in places that are easy for a thief to access, such as in your pocketbook, taped to your monitor or keyboard, or even on a sticky note on the back of your mousepad.

2. Don’t use the “remember my passwords” setting:  Whenever automatic logins and “remember my passwords” settings are enabled on your computer, anyone can sign into your computer as you and log in to all of your personal databases.

3. Don’t log into accounts containing personal information on public computers: Public computers include those in libraries, schools, universities or at an Internet café. Your passwords and usernames could be saved by the computer and used to access your accounts by someone else at a later date.

4. Don’t share your password with others: Also, as soon as anyone finds out your password, you should immediately change it (even if the person promised not to use it or tell anyone else).

Starting March 1, 2010, all businesses that “own, license, store or maintain” personal information on any Massachusetts residents must be fully compliant with the Commonwealth’s identity theft law 201 CMR 17.00. This means encryption, creation and implementation of a Written Information Security Plan and a whole host of other responsibilities must be completed by the end of this month.

Is your company compliance-ready, and can you prove it to the auditor who may come knocking at your door?

To help Massachusetts businesses get compliance-ready, Universal Benefit Plans has partnered with local employment law firm Foley and Foley to offer a complimentary 30-minute compliance review for qualifying companies. Call us at 617-859-1777 to learn more and see if your company qualifies.


02/08/2010

The security of your identity is only as strong as the passwords you keep—Part 1

If you lived during the Middle Ages and had a castle, you’d want to prevent invaders from breaking in, destroying your property, kidnapping your loved ones, etc. So what would you do? Build a moat, correct?

Now most, if not all of you, would pull out all the stops to create the deepest, most crocodile-filled moat imaginable. After all, it would be your only barrier for keeping invaders out. When creating passwords for your personal information you should use this exact same logic.

That’s because just like a moat is the only barrier keeping invaders out of a castle, your passwords are often your only barrier standing between personal information and identity thieves.

All passwords you use to access personal information (both online and off) should be both strong and secret. This blog post will educate you on how to keep them strong.

What is a strong password?

A strong password is one that includes:

  • 6 or more characters
  • Letters, numbers and symbols
  • At least one case change

When creating your passwords, make sure that they are both easy for you to remember and difficult for others to guess.  If your password contains two distinct words or proper names, make sure they are unrelated to one another. 

One strategy you can use to create a strong, memorable password is to use the first letter of every word in a popular saying (making at least one of the letters uppercase) and add a number plus a symbol to the end. For example, a strong password using the popular saying “Speak softly and carry a big stick” might be Ss&cabs13.
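The criteria listed above can be checked mechanically. The Python function below is an added example, not part of the original post; it assumes that "case change" means the password contains both an uppercase and a lowercase letter and that a "symbol" is any character that is neither a letter, a digit nor whitespace. All sample passwords except Ss&cabs13 are constructed.

```python
MIN_LENGTH = 6  # "6 or more characters", as stated in the post


def unmet_criteria(password: str) -> list[str]:
    """Return the names of the post's strong-password criteria that fail."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    if not any(c.isalpha() for c in password):
        problems.append("letter")
    if not any(c.isdigit() for c in password):
        problems.append("number")
    # Assumption: a symbol is anything that is not a letter, digit or whitespace.
    if not any(not c.isalnum() and not c.isspace() for c in password):
        problems.append("symbol")
    # Assumption: "case change" = at least one uppercase and one lowercase letter.
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    if not (has_upper and has_lower):
        problems.append("case change")
    return problems


def audit(passwords: list[str]) -> dict[str, list[str]]:
    """Map each candidate password to the criteria it does not meet."""
    return {pw: unmet_criteria(pw) for pw in passwords}


# Constructed samples, plus the example password from the post.
SAMPLES = ["Ss&cabs13", "password", "Ab1!", "PASSWORD1!"]

if __name__ == "__main__":
    for pw, problems in audit(SAMPLES).items():
        status = "meets all criteria" if not problems else "fails: " + ", ".join(problems)
        print(f"{pw!r}: {status}")
```
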

Once you’ve set a strong password, you should also take the following precautions:

  • Never use the same password for more than one of your main accounts: If you do, it could take just one security breach to compromise everything in all of your accounts.
  • Change your passwords regularly: The Commonwealth of Massachusetts Office of Consumer Affairs and Business Regulations (OCABR) recommends that individuals change their passwords for access to personal information at least every 6 months. A helpful tip for reminding yourself to do this is to tie the change to a recurring event (e.g. change your password at every daylight saving time change).

For any entity that employs and/or does business with Massachusetts residents, OCABR has passed our nation’s toughest ID theft law to date—Standards for the Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00).

Businesses must be fully compliant with the law by March 1, 2010. Is all your company’s personal information on Massachusetts residents encrypted and/or protected? Do you have a Written Information Security Plan in place?

These are just a few of the 201 CMR 17.00 requirements that must be met. Attend our free webinar on February 11th at 2 pm and in just 30 minutes you’ll know the answers to these questions plus so much more.
