Password Hygiene Habits You Need to Clean Up This Year

Jan 07, 2021

Just before 2021 came knocking on our doors, many of us may have given our houses (and offices?) a thorough cleaning. It’s a common tradition that symbolizes leaving the old, somewhat soiled, things behind and making sure we don’t bring them into the new year.


You know, out with the old and in with the new!


But looking back at some cybersecurity trends from last year, we’ve found a lot more old and dirty things that need a lot of cleaning up—like some password hygiene habits!

Why is password hygiene important?

Your password is one of the things keeping malicious actors from infiltrating your IT infrastructure, stealing your clinic data, and putting your entire practice at risk.


According to Verizon’s most recent Data Breach Investigations Report (DBIR), the number of confirmed data breaches in the healthcare sector increased by a whopping 58% in 2020.


And guess what, the 2019 DBIR confirms that 80% of hacking-related breaches still involve weak and compromised credentials such as passwords.


So, in the healthcare industry, password hygiene isn’t just important... it is crucial.


Password habits you need to work on in 2021


Let’s get right to it:


1: You need to use longer, stronger passwords

Did you know that, according to a survey by Security.org, only 22% of Americans used passwords with at least 12 characters in 2020?


This means that most users here in the US are making it easier for hackers to infiltrate their accounts and systems. 


When creating a strong password, its length is a primary factor. You see, when hackers try to sneak into your account or system, they use several methods, including guessing your password. So the longer your password is, the more ‘guesses’ cyberattackers need to get it right.


So yes, a longer password is a stronger password.


As a managed service provider that specializes in healthcare IT, we strongly recommend that our clients set and use passwords that:

  • Are at least 12 characters in length
  • Have uppercase letters
  • Have lowercase letters
  • Have numbers
  • Have special characters


This may look like a lot of fuss over “just a password,” but a strong password can be the one thing that stands between your practice and a full-blown security breach.


Need some help with that?

Coming up with longer, stronger passwords is one challenge. But remembering all of them is quite another. 


If you struggle with implementing longer passwords in your practice and have no choice but to go with shorter ones, you may want to give your accounts another layer of security. Multi-factor authentication (MFA) is the way to go.


MFA is a security method in which a user is required to present two or more of the following factors to an authentication mechanism:


Only when you correctly provide the required factors will you be given access to a computer, application, or program.


Read more about it: What is MFA and how can it help your practice?


If you’re not sure you can pull off longer, stronger passwords this year, ER Tech Pros offers MFA technology options that can be a perfect fit for your needs and budget.



2: You need to stop reusing passwords

In a survey conducted in April 2020, Specops Software found that 45% of respondents did not consider password reuse to be serious. Most even reuse their passwords across multiple platforms.


And you may think the same thing: What’s the big deal?


It’s important to know that reusing passwords (and reusing them across multiple platforms) exposes you to the risk of getting the data you store in your accounts stolen.


When the login credentials to a social media account you barely use get stolen, it doesn’t sound like a serious matter—you don’t have much data on it anyway.


But if you used the same username and password to set up your online bank and credit card accounts, that could turn out to be a big problem for you. Hackers could easily get access to these accounts and wreak havoc on your finances.


Stop reusing passwords. You need a unique password for every account.
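The password criteria listed under habit 1 and the reuse advice under habit 2 can be checked together. The following is an added example, not part of the original article: it audits a constructed set of account/password pairs against the five criteria and groups accounts that share a password. The account names, sample passwords and function names are hypothetical.

```python
import hashlib
import hmac
import math
import os
import string
from collections import defaultdict

MIN_LENGTH = 12  # the article's recommended minimum

def policy_failures(password):
    """Return the article's criteria that this password does not meet."""
    checks = {
        "at least 12 characters": len(password) >= MIN_LENGTH,
        "uppercase letter": any(c.isupper() for c in password),
        "lowercase letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(c in string.punctuation for c in password),
    }
    return [name for name, ok in checks.items() if not ok]

def guess_space_bits(length, alphabet_size=94):
    """Bits of search space for a random password (94 = printable ASCII)."""
    return length * math.log2(alphabet_size)

def reused_groups(vault, key):
    """Group accounts sharing a password, comparing keyed digests only."""
    groups = defaultdict(list)
    for account, password in vault.items():
        tag = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
        groups[tag].append(account)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def audit(vault):
    key = os.urandom(32)  # per-run key; digests are useless after the run
    return {
        "weak": {a: f for a, p in vault.items() if (f := policy_failures(p))},
        "reused": reused_groups(vault, key),
    }

# Constructed sample data, not real credentials.
SAMPLE_VAULT = {
    "social": "sunshine1",
    "bank": "sunshine1",
    "ehr-portal": "Tr4il-Mix&Granite_42",
    "email": "correcthorsebattery",
}

if __name__ == "__main__":
    print(audit(SAMPLE_VAULT), round(guess_space_bits(12)))
```

Each extra random character adds about 6.6 bits to the search space, which is why the 12-character minimum matters more than any single character class.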


Need some help with that?

We admit, having a strong, unique password for every single account you have is a pretty tough task, especially for someone busy running a practice.


This is why password managers exist. Password managers are computer programs that create, store, and manage passwords for you. You can use them to access and secure your local applications and online accounts.


If you’ve got too many passwords to remember, let a password manager do all the work for you. Aside from the password manager feature offered by your Internet browser, there are many password managers available in the market, each with its own pros and cons. 


If you’re looking for the right password manager for your practice’s needs, budget, and goals, our IT specialists here at ER Tech can give you the guidance and information you need.



3: You need to make cybersecurity awareness a priority

Having the latest security technology is simply not enough.


According to a CompTIA report, human error is responsible for 52% of the root causes of security breaches.


Employee mistakes, lack of expertise, failure to follow policies and procedures, inexperience, and general carelessness can easily put your practice at risk.


When the staff in your practice use weak passwords, share private credentials with other people, fail to keep PHI confidential, or fall for phishing scams, your practice and patients could suffer the consequences.


Don’t let that happen.


Most of these human errors can be avoided by ensuring that your workforce is well informed and up to date with basic cybersecurity measures. 


Need some help with that?

If you want to invest in training your clinic staff in cybersecurity but you’re not sure how or where to start, we can help.


As healthcare's trusted IT experts, we have the experience and expertise to give you and your employees the data security training you need.


We've also prepared a free cybersecurity training guide that your practice can use in the meantime!

Out with the old, in with the new!

In 2021, let your practice leave old password habits behind and usher in new practices that can safeguard your patient and clinic data. 


This year, don’t forget to:

  • Use longer, stronger passwords
  • Stop reusing passwords
  • Make cybersecurity awareness a priority


These may feel like a significant shift for any organization, but with the right technology and 24/7 support from trusted IT experts, you can give your practice and patients the security and protection they deserve.


Want to know more about keeping your practice safe from cyberthreats? Have a chat with our IT experts and find out how a HIPAA-compliant IT service company can give you what you need.

