FINAL WORD
A single security recommendation to solve an age-old problem
Password management is undoubtedly one of
the most basic security practices, yet it is one that
people struggle with the most when it comes to
operating securely. Morey Haber, CTO and CISO,
BeyondTrust, offers his advice on ensuring a best
practice approach to password security.
In the cyber world, we’re exposed to an onslaught of
recommendations and top lists for improving IT security. They
may have some universal characteristics, but are infrequently
relevant for adoption by everyone, everywhere and at every time. In
fact, can you guess what the number one, universal and best security
recommendation is for everyone to embrace? Here’s a hint: it is
related to passwords.
To further set the stage for this recommendation, let’s consider all
the infosec recommendations we experience on a daily basis. These
include everything from security skills and cyber-awareness training
to patch management. They target problems from phishing to
vulnerability management but are not necessarily relevant to every
employee within an organisation, nor are they necessarily relevant to
each person on their personal devices at home.
While it is common knowledge to avoid email spam, and employees
are often trained on how to identify suspicious emails and advised
not to click on suspicious links, it is interesting that younger
generations are far less likely to embrace email outside of the
corporate enterprise. Instant messaging and other forms of social
INTELLIGENTCIO
www.intelligentcio.com