User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?
Recent corporate security breaches have taught us something important: The average computer user is spectacularly bad at choosing good passwords.
The most popular passwords turn out to be simple, easy-to-remember ones, like "password," "123456," "monkey" and "iloveyou," all of which provide little security. If you can remember your password, then it is probably not secure.
Yahoo's new CISO Alex Stamos is wasting no time shoring up the company's weak security. His first moves have been encryption-focused, but that's just for starters. Hiring Stamos "was a great move," said SilverSky CTO Andrew Jaquith. "He's got serious street cred ... . Assuming he gets the funding and authority he needs, Yahoo should be able to make some serious strides."
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months.
Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.
Organizations need better methods of authentication for their users to access corporate applications, systems and data sources during the normal course of their work.