Keeping your data secure with Octopaye

Octopaye is an industry leading, cloud based payroll software system. With a combined industry experience of 60+ years across payroll and recruitment. We created a platform that delivers an unbeatable match of compliance and performance to help Umbrella Companies in their day to day payroll tasks.

HMRC recognised software means you know your business can grow and Octopaye will continue to grow with you, fully scalable software with a support network second to none. In an uncertain world, cyber attacks are on the increase – in particular, the complexity of them is growing, so how can we protect you?

We actually attack ourselves! The best way to learn about our systems is simple test and measure. We engage with an outside provider who will attempt, each month, to enter our network. Should a member of our team succumb to the test, they are then on a refresher course to spot future attacks. Why do we test monthly? This ensures our network is working at optimum capacity to combat an ever evolving threat.

The security of our system is just as important as running an accurate payroll. To this end, our cloud based system uses the latest security on our Amazon servers and the latest database infrastructure. As good as this is, we know the importance continuous security training and
robust internal policies. Let’s look at some good practices to keep your digital data secure.

Passwords

People do get hacked, and entire passwords are often stolen in breaches. But if you can improve your password security, you can boost your protection against hackers. It’s important to use a unique password on each of your services. If you don’t do this, it means that when one of your online services is hacked, they could potentially all get hacked. Attackers actually rely on people doing this—hackers try your password across multiple services to see if they can access them.
Apply two-step verification, or multi-factor and two-factor authentication—which means your password in addition to one or more other means of authentication—is the best way to keep your accounts more secure. Sometimes, this step happens without you noticing—think Apple’s FaceID or TouchID on your iPhone.

  • Never use personal information: Strong passwords shouldn’t include references to personal information such as names, birthdays, addresses, or phone numbers.
  • Include a combination of letters, numbers, and symbols: Secure passwords include a variety of random characters, numbers, and letters to make the password more complex.
  • Prioritise password length: Safe passwords should be at least 16 characters long to lessen the chances of falling victim to a data breach or cyberattack.
  • Never repeat passwords: Reusing the same password for different accounts puts you at risk.
  • Avoid using real words: Hackers use malicious programs that can process every word found in a dictionary to crack passwords.

Why is password security important?

With 68 percent (source: Norton) of people reusing the same security password for different accounts, it’s needless to note that the majority of people need to rethink their password security. Hackers have been diligent in creating new techniques to steal your information, putting your data, privacy, and cybersecurity at risk.

Without having password security best practices top of mind, individuals and businesses alike could be leaving themselves open to cybersecurity threats. Some potential consequences of weak password security include:

  • Data breaches
  • Identity theft
  • Computer hijacking
  • Blackmail
  • Loss of privacy

34% of companies who experienced a data breach claim that it was caused by insiders (source: Tenfold).

Does that ex-employee still have access?

A simple Google will bring you a plethora of stories where social media accounts have been set- up by ex employees who now have free reign to damage your business. Have you got processes in place for when employees leave so you can protect your business? Have you given access to too many people?

Our advice is to ensure owners of the business control the company passwords to protect you against any future issues.

“A lock isn’t very useful if everyone is given a key”. The same idea goes for employee access. If too many employees are given access to sensitive data and/or systems, the risk of someone mistakenly or intentionally revealing that data increases. More accounts with access also present more potential entry points for hackers, so it’s best to limit access to only employees who require the data in question to perform everyday tasks or other specific job duties.

In the event of a data breach, it can be easier to detect unauthorised access and determine where the breakdown in security occurred when only a few users are given permissions to use sensitive data. If the number of employees with access is too great, it can be difficult to monitor and ensure the proper use of each individual account.

Subscribe to our newsletter

Subscribe to our email list and never miss a thing from Octopaye blog.