Online security is a big deal. Check that, it’s a really big deal and far too often, arts orgs and their managers don’t take as much time as they should to protect themselves and their institution.
Lifehacker.com published a fascinating post by Whitson Gordon on 7/25/2015 that examines the results from some recent research by Google into security practices employed by security experts and non-security professionals. Google asked respondents about their habits and practices for remaining safe online and although there’s some overlap between both groups, experts make use of a few practices that provide considerably higher ROI for keeping your data secure; in particular, password managers, using strong passwords, and unique passwords from one application to another.
Perhaps unsurprisingly, the experts are going to be the group to follow and fortunately, many of the tools they use to gain that edge are not only readily available but user-friendly.
It just so happens that tasks such as using unique and strong passwords for each application are a breeze thanks to password managers. One popular password management solution is from LastPass.com, and can be downloaded in free, premium, and enterprise options so there’s really no good reason at all not to use the service.
Speaking from personal experience having to manage thousands of passwords and helping numerous clients get up and running using the service, the premium account is a steal at $12/year and will let you sync password management across numerous devices, even those with different operating systems. If you want to see about implementing something for your entire organization, know that their enterprise solution is used by heavy-hitter businesses that include MailChimp and HootSuite.
Here’s where LastPass will be a force multiplier for improving your security practices.
- Auto Password Generation: you can have LastPass automatically generate strong passwords but and even tweak the parameters to set the exact number of characters or even avoid ambiguous characters (is that a lower case “L” or a pipe sign special character?).
- Password Audits: this is a fantastic feature that examines all of your existing passwords and automatically generates alerts for passwords that are both weak and used in multiple instances.
Getting the service installed and up and running will take a bit of time and you can expect that the initial audits are going to pull a much larger number of alerts than down the road but don’t let that discourage you; the benefits far outweigh any initial learning curve. And if your first audit only identifies and handful of items that need attention then pat yourself on the back for already being a security superstar!