Lord of the Rings, World Password Day, and the Keys to Well-Rounded Data Security
On World Password Day, it's important to reinforce strong password hygiene — a critical component to data security, but one that merely scratches the surface.
Let's start someplace you might not expect: At the “Doors of Durin”. For those who lack this level of nerd knowledge, the Doors of Durin were the western entrance to the great Dwarven kingdom of Khazad-dûm in Lord of the Rings.
If you saw The Fellowship of the Ring, you might remember that the Doors, much like our networks, computers, phones, and online accounts, were password protected. All you had to do was, simply, “speak, friend, and enter.” After a number of failed entry attempts, our heroes realise that this was but a Dwarven riddle, a password hint, and the answer could be found within the question itself. They speak the Elvish word for “friend” and the doors open.
World Password Day
So where are we going with this? Well, with all due respect to the Dwarves, master craftsmen though they may be, their password selection leaves much to be desired. Their choice — a single word, which they wrote on the door itself — went unchanged for centuries and was eventually cracked by a Hobbit. They didn't even bother to implement two-factor authentication! It was essentially the modern-day password Post-it on your monitor.
Of all the beings in Middle Earth, they probably would have benefited most from World Password Day — the first Thursday in May, which has been used to spread awareness about better password habits since 2013.
In our increasingly cyber world, password security is paramount. Passwords represent critical gatekeepers of our digital identities, protecting valuable information for us, our businesses, and our employers. The increase in remote work due to the coronavirus pandemic, along with today's digital sprawl, makes it all the more important to adopt strong password hygiene and better data security habits overall. It also makes it even tougher for users and IT security teams to manage these necessary passwords, leading to bad habits, data breaches, and worse.
While we recommend the password strengthening strategies generally promoted on World Password Day — such as using unique, complex phrases, frequently changing passwords, and two-factor authentication — they are still, unfortunately, not enough to ensure data security, especially not for businesses or larger organisations.
No-Compromise Data Security
While maintaining strong, unique passwords are an important aspect of modern data security, it barely scratches the surface in terms of the IT protection your organisation will need in 2021 and beyond.
For example, a 2018 study found that 74 per cent of data breaches start with privileged credential abuse. Meanwhile, the frequency, sophistication, and impact of cyberattacks such as ransomware continue to skyrocket — since 2019 the average cost of downtime has increased by 94 per cent and that number is only expected to go up.
There is no way to guarantee total immunity to potential data breaches for your organisation. In recent years, we've seen some of the biggest companies and governments fall, victim, despite best efforts. However, by planning, implementing, and testing an in-depth security strategy that is multi-layered, integrated, and ready, organisations can put up a formidable fight, while also drastically limiting the damage done by internal and external cyber threats.