To help you jump start the new year, we’re posting thirty-one technology and business treats, one for each day of January.
Business owners are dependent on their employees in handling various aspects of their business. Various technologies play a major role in conducting and managing business today. And, as we have all come to regard as second nature, user names and passwords are key components of accessing technology. So what are the issues around user names and passwords a business owner* needs to consider?
Cloudtippers’ approach is that passwords for shared and individual accounts are personal, but a business owner does have the right to grant, restrict, or remove a user’s access. The first thing a business owner must do is:
- identify who needs access to what accounts
- grant or restrict access to those accounts
- remove access to those accounts
These decisions are generally dependent on the employee’s role and job function. Once an employee leaves or is terminated, they need to be removed from any and all company accounts. It’s unbelievable how many businesses don’t have policies or procedures, or don’t have good practices,
Sometimes there are individual accounts or one user. Sometimes accounts are shared, either everyone sharing one user access or individuals having shared access to one account.
Individual Accounts
Individual accounts are just what they indicate: one account for one user. Most companies and organizations use some technology of this sort: email, software, web apps, and the like. The administrator must be able to set up user access, change passwords, and when necessary, remove access for users no longer with the organization.
Shared Accounts
Sometimes accounts are shared within an organization. A common practice for a small business is for multiple people to have access to a shared email address, like info@mycompany.com. Everyone logs in with the same user name and password. When someone who has been accessing that shared email account leaves, the password must be changed and everyone still on the account given the new password.
Some businesses have one account, or only pay for one user, for their financial software. The bookkeeper, the accountant, and the treasurer may all have shared access to that financial software. When any one of them leave, the password must be changed to protect the data.
One Last Thing
Whether a business or organization internally handles the administration of users or works with an outside administrator, they will want to develop some simple policies, procedures, and practices for granting, restricting, and removing access for users. The organization will also want to have a plan for when the administrator is no longer available … an important aspect of business continuity!
Do you have long-gone employees who are still on any accounts? Email accounts are quite common. Today’s task is to remove them! That still doesn’t let you off the hook for developing some real policies, procedures, and practices, but at least you’ll have something to show for your efforts!
* I’m referencing business owners, but these principles and practices apply to any business, company, or organization.
Linda finally let her inner geek emerge. She crafted her writing style getting her sermons to 8 minutes. Guess what she did for lots of years in a prior life?