Passwords are the key to any online platform, however people tend to use simple password or same password across multiple accounts. It creates the convenience but at the same time the convenience has come at the price of your privacy. Imagine the common password like “12345” or just the word “password” can be hacked in less than one second. Cyber criminals can then use your account to access your other online accounts. It is essential to use a strong password which is long, combine with different alphanumeric and special characters. To make it safely, often change this strong password for example every month.

“Sp1V@19t$” is a good example of strong password.

In reality, there is no such thing as unbreakable password even when a strong password policy is enforced. Nevertheless, the implementation of such policy will make the journey of hacking longer, and it requires a more powerful hardware to perform the malicious hacking.. With LeapsUP system, administrator is able to control the expiry of password which enforces the frequency of password change. Employee’s account will be disabled after numbers of attempt with invalid password. The password cannot contain employee personal information such as employee name, ID and etc.

Two factor authentication or also known as 2FA or multi factor authentication become more popular especially in banking industry which requires you to confirm the ownership by providing two separate passwords. Typically, user will receive a one-time code via email or SMS or you may use an authenticator application such as Google Authenticator or Microsoft Authenticator as an added verification step. The codes are changed for every request therefore two factor authentication makes it a lot more difficult to hack through your account.

LeapsUP enables 2FA to tighten up the security. A separate code will be generated from Google Authenticator or Microsoft Authenticator. Employee can now safely access to his/her personal information.

It is a fact that cannot be denied that employees can be one of the weakest links in an organisation’s cybersecurity and are often the source of data breaches. Most of cases are unintentional, employees might accidentally email sensitive information or even share administrator account.

These are not easy to prevent but through a proper monitoring tool and audit trail, the breaches will be easily identified. Here are a sample of monitoring report to determine the user who performs certain tasks.

Aside from this, system provider who complies with ISO 27001 will be formally audited to ensure that the actions below are properly adhered to: –

• Systematically examines the organisation’s information security risks, taking account of the threats, vulnerabilities, and impacts.
• Designs and implements a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable.
• Adopts an overarching management process to ensure that the information security controls continue to meet the organisation’s information security needs on an on-going basis.

We are proud to announce that Frontier e-HR is ISO 27001 certified, we ensure that our customer’s business security risks are well managed.