Password Sharing and its Impact on Enterprise Data Security
One of the extreme threats faced by enterprises in recent times is that of the data breach. Insiders and cybercriminals are keenly aware of the value of data. Many people don’t understand the risk, and they are also unaware of ways to protect their data, especially when it comes to handling passwords at work. Employees easily share their credentials without giving a second thought about the breach of company policy. In a survey conducted by SurveyMonkey among U.S. adults, it was shown that out of 1,507 participants, one third (34percent) of them shared their passwords with their co-workers. Almost 22 percent of the participants admitted that they reuse the same password on multiple work accounts. It is seen that only about 12 percent of the employees use password managers to manage multiple passwords securely.
Check out: Top Blockchain Companies
Password sharing can significantly weaken the organization’s security, and it is shown that the majority of the hacking related breaches occur due to weak or stolen passwords. Legal issues can arise if the customer’s privacy is violated. A company must establish a strong policy prohibiting password sharing under any circumstances. Due to multiple logins to a single account, it is difficult to trace the user who compromises the data. Some level of control must be established at workstations like limiting concurrent logins and forcing logoffs exceeding the allowed number of times. Multi-factor authentication and use of long passwords must be encouraged. Employees must be nurtured about the benefits of using password managers like LastPass or Dashlane to avoid using the same passwords for multiple services. Use of personal devices must be avoided in workstations to prevent unauthorized users from accessing the network and confidential data.
CIOs must regulate the policies and make sure that users must not be squeezed to work together in a shared account. When the line between work and home fades, employees tend to increase the risk when they share files from personal device to their company device. Every employee of the organization must be educated about the security policy and password sharing by highlighting the risks involved. An organization must monitor, control, and update policies to minimize or completely eradicate password sharing. Prevention of password sharing will reduce external and internal threats, creating a secure work environment.
By Chris Tjotjos, VP, Cisco Solutions Practice, Black Box...
By Laura Jackson, Sr. Manager-Risk Management, ABS Consulting
By Jason Cradit, VP of Information Systems, Willbros Group
By Steve Garske, Ph.D., Senior Vice President & Chief...
By Roman Trakhtenberg, CEO, Luxoft
By Renee P Wynn, CIO, NASA
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Andrew Macaulay, CTO, Topgolf Entertainment Group
By Dominic Casserley, President and Deputy CEO, Willis...
By Dave Nelson, SVP-Portfolio Lead, Avanade, Inc.
By Michael Cross, SVP & CIO, CommScope Holding Company Inc.
By Pauly Comtois, VP DevOps, Hearst Business Media
By Dan Adam, CIO, Extreme Networks
By Matt Schlabig, CIO, Worthington Industries
By David Tamayo, CIO, DCS Corporation
By Scott Cardenas, CIO, City and County of Denver
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment