As a security company, you have sensitive customer data such as address, contact and property information that is stored online. Of course, you don't want this data to become publicly accessible. That's why it's important to have a strong password so that not everyone can access your data. In this blog, you will learn why strong passwords are so important and which password guidelines apply to our software.
Why a strong password is important
Many companies still too often use the same, weak passwords that are changed too rarely. This harbors many risks that are still given too little attention. For example, hackers could easily gain access to your sensitive data if you use weak passwords. As a security company, you have a lot of sensitive customer data stored online. Naturally, you don't want third parties to get their hands on the data of the companies you protect. By using a strong password, you not only protect your personal data, but also the data of your customers. As a result, you and your customers are better protected against fraud and theft.
A strong password should contain at least 12 characters, lower and upper case letters, numbers, special characters and spaces. It is also recommended to use a different password for each platform and to change it regularly.
Ways to handle passwords securely
In addition to using a strong password, it may be just as important to be secure with these strong passwords. Your password can be very strong, but if everyone knows it, it is no longer a strong password.
One way to handle passwords securely is to use a password manager. These store your passwords in a kind of digital safe and can often generate strong passwords. This means you only have to remember one strong master password for the password manager.
The SequriX password policy
An important aspect during ISO certification is a strict password policy. At SequriX we have had such a policy since March 6, 2023. As part of this policy, there is a new calculation for the strength of passwords. Easy-to-guess passwords such as '123456789' are no longer accepted by our software.
In our mobile app, you can access a lot of sensitive information such as your customers' addresses. A strong password is therefore important. Every request for keys or codes, for example, must be authorized with the app password and is documented.
Two-factor authentication
Another component of our new password policy is two-factor authentication, which has been added as an additional step to the login process. This additional authentication only applies to back office users. You have the option of making two-factor authentication mandatory for every back office employee who wants to log in. You can find this menu item in the organization settings. Authentication takes place via the Google Authenticator.
Single Sign-On
It is possible to log into SequriX via single sign-on. This eliminates the need to remember additional passwords. Using an identity provider (e.g. Azure AD), your employees can log in with their own network account.
Protect your sensitive data
A strong password is more important than ever to properly protect your data and that of your customers. For this reason, we have had a stricter password policy since the beginning of March. This means that all the data you enter in SequriX is optimally secured.
