PASSWORDS AND YOUR WEBSITE SECURITY

There is a terrific article in today’s Newsday by Jamie Herzlich who writes the Small Business column titled “Password can spell security or disaster”.

 Check Newsday or the business section of the Newsday site, and for those without access here’s the article:

———————-

In a time of sophisticated attacks on computer systems, companies should routinely re-evaluate their password policies and consider improving security measures, say experts.

A password breach can be catastrophic for a company. Yet, many firms don’t put enough emphasis on security, often opting for easy-to-remember words or phrases.

Considering what’s at risk, companies should routinely re-evaluate their password policies and consider improving security measures, say experts.

“It’s human nature to create less work for ourselves,” explains Morgan Slain, CEO of Los Gatos, Calif.-based SplashData, which recently released its annual list of worst passwords, such as 123456 and “password.”

“As much as we try to educate people and enforce stronger password policies, this list has remained fairly unchanged for three years,” says Slain, whose top-25 list was compiled from files containing millions of stolen passwords posted online in the previous year.

  •  Passphrases: If you want to create a secure password easy to recall, consider using “passphrases” — short words with spaces or other characters separating them, advises Slain, adding it’s best to string random words together, not common phrases. Three words or more is ideal, he adds. For example, “cakes years birthday” or “smiles_ light_skip.”
  • Be inventive: Don’t use the same username/password combination for multiple websites or accounts, another common error, he notes. “People tend to reuse their passwords,” says Jeremi Gosney, CEO of Tacoma, Wash.-based Stricture Group, a password recovery and security firm. That’s because they have so many passwords to remember, which ultimately results in their creating simple ones, says Gosney, adding, “Most people know they have a bad password.”
  • Digital route: If you want a truly secure password, remove the human element entirely, he says. Have a digital password manager generate your password for you, he advises, such as LastPass. “Any kind of human-generated password we’re going to be able to crack.”
  • Management app: SplashData also offers its own password manager application, SplashID Safe, which generates, organizes and protects passwords. Users need to remember just one master password to get into the program, which safely stores your passwords and can automatically log you into accounts and websites without your having to retype a multitude of passwords.
  • The stronger the password, the less often you need to change it. “If the password is sophisticated enough, you don’t necessarily have to change it every few months,” says William Collins, president of NST Inc., an East Northport-based information technology services company.
  • Policy for workers: Whatever protocol you follow, it pays to have a password policy so employees have guidelines and understand what is expected, says Collins. Use the policy to enforce a standard, such as requiring passwords to have a certain level of complexity, he notes. Require a combination of letters, numbers, capitals and symbols, and avoid common words and phrases. For example, you wouldn’t want to use the last four digits of your Social Security number or your kids’ names, he says.
  • Restrict access: Also, remember not everyone needs the same access to the same passwords. “Restrict access to only those who need it,” advises Collins, and don’t be careless with your passwords (i.e. don’t write them on a sticky note).
  • Brian Selltiz, president of Digital Provisions in Smithtown, a commercial security integration firm that works with NST, says his policy dictates certain standards, such as the minimum length of passwords. He also limits access to passwords to certain employees based on their positions. “It’s always better to be safe than sorry,” says Selltiz.

2013’s WORST PASSWORDS:

1. 123456

2. password

3. 12345678

4. qwerty

5. abc1236. 123456789

7. 111111

8. 1234567

9. iloveyou

10. adobe123

Attorney Online Marketing in 2014 – 5 Things You Need to Know Now

Online marketing is still one of the best resources attorneys have for growing their firms. It is easier now than ever to create a professional online image for your firm through social media, websites and mobile marketing. However in the digital online world, the technologies change often.  If you are wondering what is new in the online marketing world in 2014, read on:

1)    Google+ is Essential

Chances are you’ve heard about Google+, sometimes called Google Plus. Toward the end of 2013, Google began placing even more importance on the use of its social media platform, so businesses are able to benefit from having a complete and active Google+ account to enhance their online presence. Google+ offers plenty of great marketing and branding features, so if your firm is not already on board, now is the time to create a page and starting interacting with other members.

 2)    Video Changes How Clients View You

Some business owners are intimidated by the idea of video marketing. The truth is it really helps clients relate to attorneys. According to Forbes.com, more than 90% of surveyed responders said they prefer video to other forms of marketing, including case studies and price quotes.

Simple introductory videos are an important part of your firm’s website. You can even expand your video marketing by starting a YouTube channel to educate potential clients. Use videos the way you would a blog – to build a reputation, share information, establish your credibility, and help clients become comfortable with you even before contacting your firm.

3)    Mobile Optimized Websites are the future.  The future is here now!

According to ABC News, by June of 2013, more than half of Americans owned smartphones. That number increase regularly. Interestingly, in today’s world there are many people who access the internet only through a mobile devise, never using a desktop computer. To provide the best user experience possible, your desktop website should be mobile optimized so that the content renders appropriately for the screen on which it is viewed. There are currently two ways to optimize your site – using a redirect link to a separate mobile designed website, or using a responsive design that reorganizes the page content and imagery according to the size of the screen it is being viewed upon. Each has its benefits and drawback, worthy of a separate blog topic.

4)    Keywords Are Not What They Used to Be

It is time to change your thinking about keywords. If you haven’t already familiarized yourself with the most recent SEO changes, do so now. Keywords are still important, but the days of stuffing terribly written content with hundreds of keywords are long gone. Now your content needs to be well-written and packed with useful information. This might take a bit more time or require the services of a writer capable of writing within your industry, but it helps you establish the type of reputation you want online. Having your website discovered by search engines and writing in a voice that is professional enough to represent your company now go hand-in-hand. Quality content written with important keywords in mind is now only one way to achieve high rankings.

5)    Content is King; Easy Access to that Content is Essential

Now more than ever before the search engines respect well written informative original content. Target 300 -500 words per page and make each word count. Content that informs “glues” both your visitor and the search engines to your website, providing a better user experience. Your website design should work in conjunction with that content, allowing your visitors to get to their desired information within two clicks.

 Want to learn more about what’s hot in online marketing for this year? Contact Websites for Lawyers at 516.238.5252 or by emailing us here.