Password Sharing and its Impact on Enterprise Data Security
One of the extreme threats faced by enterprises in recent times is that of the data breach. Insiders and cybercriminals are keenly aware of the value of data. Many people don’t understand the risk, and they are also unaware of ways to protect their data, especially when it comes to handling passwords at work. Employees easily share their credentials without giving a second thought about the breach of company policy. In a survey conducted by SurveyMonkey among U.S. adults, it was shown that out of 1,507 participants, one third (34percent) of them shared their passwords with their co-workers. Almost 22 percent of the participants admitted that they reuse the same password on multiple work accounts. It is seen that only about 12 percent of the employees use password managers to manage multiple passwords securely.
Check out: Top Blockchain Companies
Password sharing can significantly weaken the organization’s security, and it is shown that the majority of the hacking related breaches occur due to weak or stolen passwords. Legal issues can arise if the customer’s privacy is violated. A company must establish a strong policy prohibiting password sharing under any circumstances. Due to multiple logins to a single account, it is difficult to trace the user who compromises the data. Some level of control must be established at workstations like limiting concurrent logins and forcing logoffs exceeding the allowed number of times. Multi-factor authentication and use of long passwords must be encouraged. Employees must be nurtured about the benefits of using password managers like LastPass or Dashlane to avoid using the same passwords for multiple services. Use of personal devices must be avoided in workstations to prevent unauthorized users from accessing the network and confidential data.
CIOs must regulate the policies and make sure that users must not be squeezed to work together in a shared account. When the line between work and home fades, employees tend to increase the risk when they share files from personal device to their company device. Every employee of the organization must be educated about the security policy and password sharing by highlighting the risks involved. An organization must monitor, control, and update policies to minimize or completely eradicate password sharing. Prevention of password sharing will reduce external and internal threats, creating a secure work environment.
By Tom Farrah, CIO & SVP, Dr Pepper Snapple Group
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Phil Jordan, CIO, Telefonica
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Dennis Hodges, CIO, Inteva Products
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sven Gerjets, SVP-IT, DIRECTV
By Marie Blake, EVP & CCO, BankUnited
By Lowell Gilvin, Chief Process Officer, Jabil
By Walter Carvalho, VP & Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Marc Jones, Distinguished Engineer, IBM Cloud Infrastructure