Password Management Problems: Employees Significantly Increasing Risk of Security Breaches
Managing passwords is not a new thing. But, we are seeing a renewed focus on it due to the rapid adoption of new technologies – such as cloud applications and BYOA – multiplying the number of usernames and passwords that end users need to keep track of on a daily basis, which is wrecking havoc across the enterprise. The onslaught of new details that employees need to remember is greatly increasing the number of helpdesk calls, which causes the business extra man hours and money. It is also exposing the business to more and more opportunities for security breaches.
In fact, in the second part of our recent Market Pulse Survey, we found a statistic that caused me pause. Of the 1,000 office workers that we interviewed at organizations with at least 3,000 employees, 1 in 7 admitted they would sell their passwords – some for even as little as $150. Combining that with the finding that 20% of those surveyed also share login details with their coworkers means that some of the world’s largest organizations are in great danger of possible security breaches due to weak practices, policies, and enforcement over the management of passwords – one of the simplest avenues for hackers to break in if not handled properly.
These organizations should be concerned that so many employees admit that they would actually sell their passwords for money. There is a clear disconnect here between data security and the need to implement secure password management. We know password management is a pain point for companies around the world, but our recent survey showed us how much companies are struggling. Simply put, organizations need to pay closer attention to the oversight they place on employee passwords.
With the right tools in place to provide users with self-service for managing passwords for enterprise applications (both tradition on-premises applications as well as cloud-based applications like Salesforce, Concur and Dropbox), organizations can consolidate and streamline password management. This both eliminates the need to visit multiple places or contact the help desk to reset or change passwords. By incorporating password management into their overall identity management strategy, organizations can address the growing issue of password abuser by providing employees with the convenience of a single, secure place to store passwords, while providing IT organizations with the controls to ensure strong, unique passwords are being used.
Here are the full survey results: