All network authorized personnel must be instructed to use "strong" passwords consisting of at least 8 characters; they must include at least one upper and one lower case letter, at least one Arabic number, and at least one "special character" in addition to avoiding any form or abbreviation of the user's first or last name (Boyce, 2002; Kizza, 2005). Network administrators must also implement applications capable of ensuring compliance by automatically rejecting improper password choices. Additionally, administrators must require authorized users to change their passwords at specific intervals. Finally, office managers must monitor compliance with common-sense rules about behavioral aspects of password security, such as prohibiting divulging passwords to co-workers, requiring users to log off if they leave their terminals, and by providing training into recognizing attempted social engineering to obtain secure information through deception (Larson, 2007).

Likewise, authentication layers...

In that regard, the most cost-effective elements of authentication would consist of assigned security key sequences by the network security administrators and hardware components such as fingerprint readers capable of identifying individual users by their unique fingerprints (Larson, 2007). The first authentication assurance element is not associated with any more than nominal indirect costs (represented by the time devoted by network security administrators); the second element is available at an approximate cost of $100 per computer network terminal (Larsen, 2007).
References

Boyce J. (2002). Information Assurance: Managing Organizational it Risks. St. Louis,

MO: Elsevier.

Kizza JM. (2005). Computer Network Security. New York: Springer.

Larsen R. (2007). Our Own Worst Enemy: Asking the Right Questions About

Security to Protect You, Your Family, and America. New York: Grand…