![]() ![]() It's important to remember that following proper security guidelines in a work-from-home environment is just as critical as in an office environment. The lack of cybersecurity hygiene not only puts the individual at risk, but can also present a wide range of negative consequences for their organization. "As most employees work from the comfort of their homes, they have become too comfortable with how they create, store and then share these passwords with family and colleagues. "The transition to a remote working environment has led to even more reckless password management practices, which is very worrying," said Darren Guccione, CEO and Co-Founder of Keeper Security. Nearly half of respondents (46%) report that their company encourages sharing passwords for accounts that are used by multiple people.įurthermore, around 32% have admitted to accessing an online account belonging to a previous employer, which is a clear indication that many employers don’t disable accounts when employees leave the company. However, Sticky Notes normally stores the information in a SQL db that can be read with Notepad++ with little trouble. They don't like other options, they want Sticky Notes. The survey finds that often poor password management practices extend from the top. 1 Example: Users want to use Sticky Notes for quick note taking. On top of all this, the passwords too are usually weak and easy to guess, with 37% of the respondents using their employer’s name, significant other’s name or birthday in a work-related password.Īnother example of poor password management is that 44% employees admit to using the same password for both personal and work-related accounts.Īnd it’s not just the employees. The most popular digital means of storing the password though is the phone, with 55% of the respondents choosing to make a note of their work-related passwords on the device that’s easy to break into, or get stolen. ![]() A higher number (51%) just simply bung the password in a document that’s saved on their computers. For instance, 49% of the respondents save work-related passwords in an unencrypted document in the cloud. I’m confident that efforts in this direction will become more commonplace moving forward.The report has several evidence of such poor password security practices. This is all done while ensuring that users only have the access they need to do their jobs. The solution can quickly prune employees who are no longer employees or contractors who are no longer on the project, which improves security and drives down costs. Their MO is all about determining which employees or contractors have access to which systems and projects and enabling the continuous provisioning and management of these. Why pay for access for people who don’t need it or shouldn’t have it?Īmong my portfolio companies is an enterprise security company that’s helping to refine exactly how to automate access management for cloud environments and SaaS applications. Limiting access is important not just for improved security, but also for cost reduction. Managing permissions and levels of permission can get complicated with revolving contractors and provisioning issues, and potentially hundreds of layers of functionality, each with its own layer of permissioning. In your cloud environment, access monitoring should also be a priority. ![]() But breaches can occur, even within those organizations, like one did in May 2022 at AWS. In theory, cloud security should be stronger as some of the very best enterprise organizations manage it. Organizations must also better understand who can access corporate assets in the cloud. More often than not, too many employees have access to things that they don’t really need. In any case, that is too high of a percentage to ignore, and it’s likely going to grow unless organizations rethink how they provide and manage access to their critical systems. At least two studies on data breaches during 2022 found that employee errors or mistakes caused either 88% or 95% of data breaches.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |