New data suggests that many companies aren’t doing enough to control access to work-related accounts, despite the obvious threat posed by insiders.
according to report According to certification firm Beyond Identity, nearly a quarter of people have access to their previous work accounts, exposing the company to data theft or sabotage by dissatisfied ex-employees.
Based on a poll of 1,000 workers, the report also highlights the risks associated with password sharing. This is common in many companies. Just under half (41.7%) of those surveyed allowed their work passwords to be shared with colleagues, contractors, or family and friends.
Data shared exclusively with Pro Indicates that password sharing is the most frequent occurrence among managerial employees. Many managers have the potential to access large amounts of sensitive enterprise data.
Ironically, this type of employee emphasizes that password sharing should most likely be a dismissable crime and deliberately ignores password best practices. ..
Most of the time, the reason for poor password hygiene is convenience. Low-pressure employees are looking for ways to streamline their workflows and avoid the friction associated with means such as two-factor authentication.
Nearly half of respondents say that strict password policies have a direct impact on productivity, so 1 in 10 people rarely or never change their passwords (20 in small businesses). Has risen to%).
In addition, many employees use a single universal password for their work and personal accounts, which can lead to credential cramming attacks when credentials are disclosed due to third-party data breaches. The associated risks increase.
To fix this issue, Beyond Identity is asking companies to permanently abandon their passwords in favor of alternative authentication methods that are neither productive nor vulnerable to misuse.
“Companies do everything they can to protect against the threat of cyberattacks and data breaches, but they may not be truly secure without password-less authentication. Good password hygiene is during the login process. It creates friction and hinders good product usability. Even if a company implements strict passwords, policies can be compromised by loose password habits among employees, “said Beyond Identity CTO Jasson Casey. Explains.
“Reusing work passwords for personal accounts, sharing passwords between colleagues, former employees who maintain access to credentials, and rarely changing passwords require employees to use passwords. This is just one of the ways employer data can become vulnerable. “
An incredible number of people can still break into old work accounts
Source link An incredible number of people can still break into old work accounts