Password Sharing and its Impact on Enterprise Data Security
One of the extreme threats faced by enterprises in recent times is that of the data breach. Insiders and cybercriminals are keenly aware of the value of data. Many people don’t understand the risk, and they are also unaware of ways to protect their data, especially when it comes to handling passwords at work. Employees easily share their credentials without giving a second thought about the breach of company policy. In a survey conducted by SurveyMonkey among U.S. adults, it was shown that out of 1,507 participants, one third (34percent) of them shared their passwords with their co-workers. Almost 22 percent of the participants admitted that they reuse the same password on multiple work accounts. It is seen that only about 12 percent of the employees use password managers to manage multiple passwords securely.
Check out: Top Blockchain Companies
Password sharing can significantly weaken the organization’s security, and it is shown that the majority of the hacking related breaches occur due to weak or stolen passwords. Legal issues can arise if the customer’s privacy is violated. A company must establish a strong policy prohibiting password sharing under any circumstances. Due to multiple logins to a single account, it is difficult to trace the user who compromises the data. Some level of control must be established at workstations like limiting concurrent logins and forcing logoffs exceeding the allowed number of times. Multi-factor authentication and use of long passwords must be encouraged. Employees must be nurtured about the benefits of using password managers like LastPass or Dashlane to avoid using the same passwords for multiple services. Use of personal devices must be avoided in workstations to prevent unauthorized users from accessing the network and confidential data.
CIOs must regulate the policies and make sure that users must not be squeezed to work together in a shared account. When the line between work and home fades, employees tend to increase the risk when they share files from personal device to their company device. Every employee of the organization must be educated about the security policy and password sharing by highlighting the risks involved. An organization must monitor, control, and update policies to minimize or completely eradicate password sharing. Prevention of password sharing will reduce external and internal threats, creating a secure work environment.
By Michael Cockrill, CIO, State of Washington
By Brett Shockley, SVP & CIO, Avaya
By Sven Gerjets, SVP-IT, DIRECTV
By Steve Moyer, VP of Storage Software Engineering, Micron...
By Michelle R. McKenna-Doyle, SVP and CIO, National Football...
By Patrick Hale, CIO, VITAS Healthcare
By Roman Trakhtenberg, CEO, Luxoft
By Julia Davis, SVP, CIO, Aflac
By Chris Westlake, VP & GM of Service,RK
By Pauly Comtois, VP DevOps, Hearst Business Media
By Yanni Charalambous, VP & CIO, Occidental Petroleum...
By Bob Brown, VP-Production & Operations, ONE World Sports
By Arthur Hu, SVP & CIO, Lenovo
By Ron Guerrier, CIO, Farmers Insurance Group, Inc.
By Scott Cardenas, CIO, City and County of Denver
By Kevin McCarron, Vice President Collaboration, Carousel...
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Christopher Frenz, AVP of Information Security,...
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment