Intelligent SME.tech Issue 05 | Page 26

// PREDICTIVE INTELLIGENCE //

I CONSIDER PASSWORDS TO BE THE LOW-HANGING FRUIT WHEN IT COMES TO ENHANCING ENTERPRISE SECURITY.

to avoid regulatory fines, legal fees and lost revenue. And you also want to reduce cybercrime, prevent damage to your brand reputation and maintain your customers’ trust.
The fact is, non-compliance can be extremely disruptive and expensive – with typical monthly fines ranging from US$5,000 to US$100,000, depending on the size of your business. And, according to the IBM Cost of a Data Breach Report 2020, an average breach costs US$150 for each customer record compromised. Multiply that figure by each customer record in your systems and you quickly get a real sense of how damaging non-compliance can be.
Three security tips for simplifying compliance
The best IT business leaders I’ve worked with recognise the value of PCI compliance and support their team’s efforts accordingly.
Whenever they ask for recommendations, I typically respond with three cost-effective and relatively easy ways to help protect cardholder data and achieve PCI compliance:
1. Update your company’s password policies
2. Use logging and tracking for all your systems
3. Implement multi-factor authentication (MFA) everywhere you can

1. Update your company’s password policies
I consider passwords to be the low-hanging fruit when it comes to enhancing enterprise security. Unfortunately, a lot of the conventional wisdom about password policies is somewhat dated.
As cybercriminals employ much more sophisticated techniques, your password policies need to match that level of sophistication. One way to achieve this is to start requiring longer passwords for system access, emails and so on.
Yes, passwords should be complex (in terms of numbers, symbols and capitalisation), but the real strength stems from their length. Consider a couple of examples:
• Option 1: You generate a random seven-character password with letters, numbers
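
The length-versus-complexity point above, worked through as an added example that is not part of the original article. It goes beyond the article's own options by comparing three constructed policies. It assumes uniformly random passwords (human-chosen ones are weaker) and an assumed offline guessing rate of 1e10 guesses per second; the function names are hypothetical.

```python
import math
import string

# Character classes a policy can require; sizes are for printable ASCII.
CLASSES = {
    "lower": string.ascii_lowercase,   # 26 characters
    "upper": string.ascii_uppercase,   # 26 characters
    "digit": string.digits,            # 10 characters
    "symbol": string.punctuation,      # 32 characters
}

def alphabet_size(classes):
    """Number of distinct characters available when drawing from `classes`."""
    return sum(len(CLASSES[c]) for c in classes)

def entropy_bits(length, classes):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size(classes))

def min_length(target_bits, classes):
    """Shortest random password over `classes` that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size(classes)))

def years_to_exhaust(length, classes, guesses_per_second=1e10):
    """Time to try every candidate at an ASSUMED offline guessing rate."""
    seconds = alphabet_size(classes) ** length / guesses_per_second
    return seconds / (365.25 * 24 * 3600)

if __name__ == "__main__":
    every = ["lower", "upper", "digit", "symbol"]
    cases = [  # constructed policies, for comparison only
        ("7 chars, all four classes", 7, every),
        ("10 chars, all four classes", 10, every),
        ("16 chars, lowercase only", 16, ["lower"]),
    ]
    for label, n, cls in cases:
        print(f"{label:28} {entropy_bits(n, cls):6.1f} bits  "
              f"{years_to_exhaust(n, cls):.3g} years to exhaust")
    # How long must a lowercase-only password be to match 7 complex characters?
    print("lowercase length matching 7 complex chars:",
          min_length(entropy_bits(7, every), ["lower"]))
```

Each added character multiplies the search space by the alphabet size, while adding a character class only widens the base, which is why the 16-character lowercase-only policy outlasts the 10-character four-class one.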