You know that email you get every few months from your company's IT department? "Your password will expire in seven days. To change your password now, click here and follow the prompts."
Do you groan when you see it? Me too.
I dread the notice because it's time, yet again, to come up with some combination of letters, numbers and symbols that no one will ever guess, but I won't somehow screw up and forget when it's time to input it into my phone, laptop and iPad.
It's not just the inconvenience. It's also the fact that it's necessary because of the existence of hackers whose career choice is to steal personal information.
Bill Bregar's coverage of the recent Environmental Health and Safety Summit, sponsored by the Manufacturers Association for Plastics Processors, offers some excellent best practice-type advice related to cyber security.
Passwords should be at least eight characters long and have upper and lowercase letters, as well as numbers, according to John Prost, director of information technology at Mueller Prost LC, a St. Louis accounting and business adviser firm.
Don't write down the password on a sticky note on your computer. Don't use your name — or your kids' or your pet, for that matter. It's best to use two-factor authorization — you know, the kind where you authorize the company to send a text message to your cellphone if you or anyone else tries to change the password.
The depressing part is that even if you do everything right — you use two-factor authorization, you use complicated passwords that are at least eight characters long and have upper- and lowercase letters, numbers and symbols, or you use an encrypted password manager — you're still vulnerable. Because, as Prost said, "A determined hacker can hack almost anyone or any company."
A company can use good security, but the employees are the weakest link, he said. Managers need to make sure workers understand the best practices and know why they're important.
Think about the least tech-savvy person on your staff. The one who can't download an app without help or figure out how to use a spreadsheet. Do you think they can recognize a phishing email? Or use good judgment on when to open a zip file?
The consequences of a mistake can be very expensive.
On the subject of good information from the MAPP Environmental Health and Safety Summit, check out more coverage on Pages 4-5. Also, watch a future issue for additional stories on some hot topics: issues related to opioids and marijuana, which are becoming more complicated with a growing number of states approving pot for medical or even recreational use.
And if you want another headache, just think about the consequences of having your cyber security dependent on a worker under the influence of drugs.
Loepp is Plastics News editor and author of the Plastics Blog. Follow him on Twitter @donloepp.
