Explain what passwords and authentications are intended to achieve. Discuss the issues of managing passwords and authentications from a security and IT management perspective, and how security management might vary depending on the level of threat to the information protected. Consider these different types of organizations: asmall bakery, a mid-sized manufacturing company, and a bank. What type and level of passwords and authentications you think would be suitable for each of them?

Passwords and authentications are intended to achieve security for a company. While effectively managing passwords and creating a robust authentication system can help a company protect itself, hackers can still break into a company’s network through various types of malware.

Expert Answers

An illustration of the letter 'A' in a speech bubbles

Passwords and authentications are intended to achieve a level of security for a given company. A business will take myriad steps to protect its information from non-employees or malign actors. To defend themselves against hacks, data leaks, and so on, a company will have employees prove their identity through an assortment of actions, including entering a username, entering a password, fingerprints, or voice recognition.

The threat level can depend on the size of the company and its type of data. A small bakery might not be as lucrative a target for a hacker as a bank. A bank will probably have more enhanced authentication measures since they are dealing with the money of numerous people and businesses.

Then again, a small bakery or midsized manufacturing company should not consider themselves safe from harm. Ransomware strikes can target companies of all types. Last Thanksgiving, a small construction engineering firm in New York had to deal with a ransomware attack.

Even if a company has a robust authentication process, it could still be vulnerable to infiltration. Hackers do not need an applicable user name, password, or thumbprint to break into a firm’s system. To enter a company's network, hackers can entice one of its employees to click on a link or download a program. Once they click the link or download the malware, the hackers have access to the entire system.

Approved by eNotes Editorial Team