Are You Overcomplicating Your Security?

Collaborative post – may contain affiliate links

Keeping your business property and data secure is a priority. Many companies feel that they have to resort to complex layers of technology or complicated security systems in order to stay secure. 

However, such complexity can often lead to more errors – which may even lead to security vulnerabilities. Complex security measures can also be more expensive and time-consuming to manage. 

Security can be simple and secure. Below are just a few instances of overcomplicated security measures, and how to simplify them without negatively impacting security. 

Unmemorable passwords

The most secure passwords tend to be completely random jumbles of uppercase and lowercase letters, with a few numbers and symbols thrown in. The longer the better – it’s recommended that passwords are over 8 characters, but for ultimate security it’s worth looking at combinations above 15 characters.

The problem with these passwords is that they’re often impossible to memorise. Such passwords often have to be written down or stored somewhere – which can increase the risk of them leaking out.

Fortunately, there are solutions to this. One popular option is to take a memorable phrase and use the initials to create a password, while ideally throwing in some numbers and uppercase letters. This could be a song title, a movie or a quote. An example could be to condense ‘on the first day of Christmas my true love gave to me a partridge in a pear tree’ into ‘Ot1doCmtlg2mapiapt’.

Alternatively, you could opt for a very long password made up of three or more unrelated but memorable words with a number thrown in. This could be something like ‘UmbrellaRacoonPacific44’. The key is to keep it completely random.

Too many different keys/passwords

It’s good to use multiple different passwords and different keys for different areas. However, keeping track of lots of different keys and passwords can be a challenge. While you can label keys and keep password lists, you need to be careful that the wrong people don’t then gain access to your keys or password list.

When it comes to keeping track of multiple keys, it’s worth looking into master keys that can be used for multiple locks. If a key gets lost or stolen, you’ll still then have access to this lock without having to keep multiple spare keys for different locks. 

As for managing lots of different passwords, consider using a password manager software tool. In some cases, you may also be able to set master passwords. You should limit access to the master keys/master passwords to one or two people only. 

Too many/not enough security privileges

A lot of companies overcomplicate security when it comes to privileges. 

Quite often there’s no need to give everyone the same security privileges as this means going through security protocol with each new employee. You may not trust every employee with such information, plus certain employees may not need access to certain information – so it’s best to only give certain people access to passwords, keys and security information.

This doesn’t mean only allowing one or two people to have authorization to all passwords and keys. If you’ve got a large team, it could be frustrating having to constantly rely on one or two people to unlock doors or enter passwords. In other words, make sure that you’re not being too selective with security privileges to the point of hampering productivity.

In-house IT reliance

When there’s a cybersecurity issue, it’s good to have access to IT experts who can solve the issue. 

Most smaller to medium companies can benefit more from outsourcing IT support than hiring in-house IT staff. Doing everything in-house can often be a lot more expensive – you have to be able to pay each IT staff member a full wage with benefits and you need to invest in equipment and tools for each of these staff members. 

When outsourcing your IT, you’ll be able to hire the help of a team of experts for the cost of a single in-house employee. You also don’t have the responsibility that would as an employer.