EXTEND AND AUGMENT YOUR EMPLOYEE SECURITY AWARENESS PROGRAM AND REMOVE

RISK, COST AND STRESS FROM EMPLOYEE PASSWORD MANAGEMENT

Password Coach replaces DIY employee password management with a simple drill

that guides all employees in the creation and protection of policy compliant

strong passwords

At home, our passwords are our own choosing and so familiar to us, but we

can only remember a handful So we reuse them for years

THE PASSWORD PROBLEM OUR SHARED COGNITIVE LIMITATIONS ENCOURAGE RISKY BEHAVIOURS

DIY PASSWORD MANAGEMENT CAUSES SECURITY RISKS AT HOME AND AT WORK

At work, our passwords are shaped by security policy, and so are unfamiliar

and unmemorable So we make a note of them

REUSING OLD PASSWORDS FOREVER HAS ALWAYS

BEEN RISKY BUT NOW THAT THERE IS A ‘GOOGLE FOR

PASSWORDS’ IT ONLY TAKES A MOMENT TO FIND ANYONE’S OLD PASSWORD

NOW THAT BILLIONS OF OUR PASSWORDS ARE IN A SEARCH ENGINE, REUSE IS MORE RISKY THAN EVER

leakedsource.com

•  It is estimated that password management and related support costs due to forgotten passwords cost businesses upwards of $420 (USD) per FTE per annum

•  The average cost of a cyber attack for an Australian business is over $622,515

RISKY AND EXPENSIVE HOW DO WE MANAGE TO BE SO AWESOME?

LEAVING STAFF TO THEIR OWN DEVICES CONTINUES TO BE EXPENSIVE

DIY EMPLOYEE PASSWORD MANAGEMENT IS BOTH RISKY AND EXPENSIVE

ONLY 8% OF INDIVIDUALS USE A

SOFTWARE-BASED PASSWORD MANAGER

SOFTWARE ISN’T THE ANSWER FOR MOST OF US

IS THERE A WAY TO HAVE EVERYONE

COMPLY WITH POLICY WITHOUT

ENCOURAGING RISK TAKING?

THE PASSWORD POLICY IS IMPORTANT IN PRESCRIBING PASSWORDS BUT ENCOURAGES RISK TAKING

PASSWORD COACH IS AN INTUITIVE, REPEATABLE DRILL THAT GUIDES EMPLOYEES IN THE USE OF POLICY COMPLIANT PASSWORDS AND RENDERS POLICY WORKAROUNDS REDUNDANT

PASSWORD COACH YES THERE IS!

MAKING RISKY POLICY WORKAROUNDS REDUNDANT

At work, Jim is required to change his password every month

Jim is pretty sure that he is not going to remember his new password and typically solves the problem with a sticky note

MEET JIM JIM’S DIY PASSWORD MANAGEMENT PROCESS INVOLVES A FAIR AMOUNT OF RISK

JIM IS NOT A BIG FAN OF PASSWORD CHANGE DAY

Rather than leave staff to their own devices on password change day, the security team has enrolled the entire company in the Password Coach’s safe password program

Jim is cautiously optimistic

THE COACH’S PROGRAM A HELPING HAND WITH POLICY COMPLIANCE

PROACTIVE ASSISTANCE TO MAKE COSTLY AND RISKY POLICY WORKAROUNDS REDUNDANT

As part of the program, each employee has been allocated a version of the Employee Guide to Essential Password Security, which has been customised for the business

MEET THE COACH THE NO SOFTWARE ALTERNATIVE TO DIY PASSWORD MANAGEMENT

THE COACH IS DESIGNED TO HELP US ALL USE PASSWORDS IN A SMARTER AND SAFER WAY

THE 3 STEP DRILL FOR

SECURE PASSWORD

GENERATION AND RETRIEVAL

HOW IT WORKS

It’s the first of the month and time once again to set a new system password. Jim has already sat through the short Password Coach training video and has his secret 12 step password pattern ready to go.

STEP 1: PREPARATION THREE STEPS TO SECURE PASSWORD GENERATION AND RETRIEVAL

JIM HAS MEMORISED A SIMPLE PATTERN THAT HE’LL USE TO GENERATE HIS PASSWORDS

Jim clicks open his Employee Guide and navigates to the right page for the current month

Jim thinks back to his secret password pattern and mentally overlays it onto the Guide to visualise his new secure password

STEP 2: VISUALISATION THREE STEPS TO SECURE PASSWORD GENERATION AND RETRIEVAL

JIM MENTALLY OVERLAYS HIS SECRET PATTERN TO GENERATE A PASSWORD

Jim taps in the new password to complete the change

STEP 3: PUT IT TO WORK THREE STEPS TO SECURE PASSWORD GENERATION AND RETRIEVAL

JIM NOW HAS A WAY OF RETRIEVING HIS PASSWORD WITHOUT HAVING TO REMEMBER IT OR WRITE IT DOWN

HewillbereferringtothateverydayandsoJimleavesitwithineasyreach

JimthenprintsoffthepageintheGuidethatheusedtogeneratehisnewpassword

3 SIMPLE STEPS TO HELP STAFF GENERATE

POLICY COMPLIANT PASSWORDS WITHOUT ANY OF THE USUAL

STRESS, COST AND RISK

THAT’S IT!

Reducedopera>ngcosts.NomoreDIYpasswordmanagement.Fewerriskybehaviours.Moreproduc>vity.Lessstress.

Easytobuy.Fullyhosted.NosoGwaretoinstallorsupport.Saferstaff–athome,atworkandontheroad

DON’T LET YOUR PEOPLE SOLDIER ON WITH COSTLY & RISKY DIY PASSWORD

MANAGEMENT

GET THE COACH IN For more details drop us a line at enterprise@passwordcoach.com or call Simon on +61 499 077 190

Download a sample Employee Coaching Guide from www.passwordcoach.com/enterprise

PASSWORDS SCRIBBLERS FUN FACTS

AN ALARMINGLY HIGH PROPORTION OF INFORMATION PROFESSIONALS WRITE THEIR PASSWORDS DOWN

9%saidtheywritedownpasswordsinafile/documentontheircomputerinaplain,unprotectedformat14%saidtheywritedownpasswordsinafile/documentontheircomputerandprotectbypassword7%saidtheywritedownpasswordsinafile/documentonaremovabledevice(i.e.,USBs>ck)8%saidtheywritedownpasswordsinafile/documentontheirsmartphoneortablet6%saidtheywritedownpasswordsonas>ckerthatisstoredneartheircomputer20%saidtheywritedownpasswordsinanotepad

Q:Whichofthefollowingmethodsdoyouusetostorepasswordsandpasswordreminders?