Security has become such a basic part of our everyday lives, we don’t even think about it. Consider the phishing calls, texts, and emails every one of us sees over the course of each day. Complacency can be dangerous, lulling us into that false sense of security. That’s why everyone deals with passwords all day every day. Every time we touch a computer or a smartphone, we’re either keying in a password or letting our device use a stored password to log on. In fact, many people, including your employees (and you?) are speeding through their logins with saved passwords.
Now, wait one second, you may be thinking: Does your company’s security policy and onboarding process address the fact that people use stored passwords to access your network on a device? Or, more importantly, do you know how this can impact the safety of your company’s data?
Now before you send out that scathing company-wide email, you should know: Stored passwords are not necessarily problematic on their own, so long as your team retains control over their devices—the laptops and cell phones that are used to access the data. After all, the whole idea behind those automatically generated “strong passwords” is that the users don’t need to remember a long and seemingly random sequence of upper- and lower-case letters, numbers, and symbols. Instead, those passwords are meant to be remembered by a device, preferably one protected by its own strong (and not stored) password, and, even better, protected by a two-factor authentication system and/or a biometric authentication.
At Axis Computer Networks, we know data security and we take it very seriously. When it comes to protecting your data, we can help with a NIST security audit. This is a free service we provide, and there’s no obligation.
What is a NIST Security Audit?
The National Institute of Standards and Technology (NIST) is an agency of the U.S. Department of Commerce that promotes industrial innovation. The mission of the agency also promotes competitiveness and maintains frameworks for cybersecurity, security and control, and risk management. The NIST cybersecurity audit is the first step to establishing the level of conformity to a standard.
At Axis Computer Networks, we will perform the audit to establish the level that a network or system conforms to a standard. While this audit is the initial step to provide guidance for a full NIST Assessment under the NIST Cybersecurity Framework, it can also serve to provide insight into the security levels of the network.
Hack Your Own Network?
If you don’t work with us already, our status as a true outsider to your network works to our mutual advantage, since it lets us approach the NIST Cybersecurity Audit with the same calculating, cold approach a hacker would use. The audit process shows us weak points in your network security. We then share the report with you, so you can see where the flaws are in your system. After that, you can decide how to proceed, whether you want our recommendations and assistance to secure your network, or use your own in-house resources to solve the problem.
We also can help you train your team to improve their personal security. The phishing programs and social engineering used to trick people into sharing their passwords are all carefully monitored and tracked, and we can apprise your team of the latest developments in the frontline battle of cybersecurity. The personnel on your team could present a security risk, and our training can help transform them into one of your strongest lines of defense.