Monthly Archives: November 2006

Key Under the Flower Pot

Posted on by

 

One of the most prominent threats to our networks and the sensitive data transmitted comes from legitimate users …us! Strong passwords are the most important cog in our security plan. We have access to many systems and sensitive information to do our jobs. However, many of us have never changed our passwords. For those who have, many use the names of pets, sons and daughters, or other words associated with our lives. Some use the word ‘password’ within their password. And others keep their passwords taped under their keyboard or on a piece of paper in their drawer. That’s like putting a key under the flower pot outside the front door of Fort Knox.

 

While these are all very logical, personal coping mechanisms, these are often the cause of security breaches. Any miscreant intent upon hacking into, say, the student information system, would look up a number of employee names, find their birth dates, scoop some information on immediate family members and pets, and then get down to business. It probably wouldn’t take long to find a match with some of the password cracking tools available. At that point, they might have access to sensitive data, grades, or worse, maybe pilfer private identity information.

 

Responsibility for security rests with all of us. To help alleviate the need for multiple PSU passwords, ITS has developed a single sign-on feature to myPlymouth. With one username and password, you can sign in to Banner, WebCT and many other internal sources of information. In the future, we’ll build more into that single sign on, making your life easier, but requiring us to be ever more vigilant in our methods of password management.

 

The most important thing you can do to heighten our security is to change your password routinely. Every three months is good practice, or at least once a year. Use passwords that include letters and numbers. Avoid names or common words that someone could guess. If you must write them down, avoid writing them next to the associated usernames. Protect them like you would your money and credit cards. Better still, confine them to memory.

And if you do have any keys under the flower pot, lose 'em.