Sensitive systems and underlying processes that could have a major impact on business continuity if they were breached should be protected by strong authentication measures, say security experts. Consider implementing two-factor or multifactor authentication for employees who have access to those resources.
A best practice advocated by security experts is to force employees to change their system passwords quarterly. A password should contain at least eight characters and contain a mixture of upper-case and lower-case letters, numbers and special characters. Avoid names and dictionary words.