When asked for real examples of this happening in their organization, 29% of respondents said the had incidents in the past year where the organization lost access to production systems after an employee left, per the report.Īs companies are struggling with high turnover rates in the wake of the COVID-19 pandemic, leading to the Great Resignation, organizations need to take steps to better secure their employees’ credentials. Still, a sizeable portion are less confident, with 53% saying they are not confident or are slightly confident. Those password security figures improve slightly when asked if they can secure account credentials if an employee is terminated, with 47% saying they are at least somewhat confident in their ability to do so. This insecure way of storing passwords can create challenges when an employee leaves the organization or is terminated, as just 33% of leaders said they were at least “somewhat confident” that employees are not taking their enterprise passwords with them, and 67% said they were either slightly confident or not confident at all. Suggesting that IT leaders aren’t practicing what they preach, the report found that 93% require password management and security training of their end users, and 63% hold such training more than once a year. Meanwhile, 8% physically write passwords on sticky notes or notebooks. Less than a third (30%) say they use a company-provided password manager, and 15% use a personal password manager. The Calgary-based firm’s report found that 46% of respondents primarily store passwords on shared office documents, which is an insecure way of managing passwords and can lead to cyberattacks. Copies of the spreadsheet can easily be made and there is no way to see who can access the information or prevent former employees from taking it.Despite compromised credentials leading to a majority of cyberattacks, almost half of IT and cybersecurity leaders say they still store passwords in shared office documents despite nearly all requiring password management and security training of their end users, according to new research from cybersecurity software provider Hitachi ID. This is a dangerous practice as it can be intercepted by a cybercriminal or lost in the process. People often share spreadsheets containing usernames and passwords by emailing or copying them to a USB drive. Think of it like placing your house key under your welcome mat – it's the first place an intruder would check. Putting your passwords on a sticky note, for example, makes you susceptible to password-related attacks because it opens the door for threat actors to easily get a hold of your passwords. However, this practice results in very poor password security because spreadsheets are not encrypted.Ĭyberattacks occur because of vulnerabilities within an organization. Employees often fall into this bad habit because they have no other way of storing or sharing company account credentials. One of the worst ways to keep track of passwords is in an Excel Spreadsheet or equivalent. Is it Safe to Keep Passwords in a Spreadsheet? Strengthen your organization with zero-trust security and policiesĪchieve industry compliance and audit reporting including SOX and FedRAMPĪutomate credential rotation to drastically reduce the risk of credential-based attacks Restrict secure access to authorized users with RBAC and policies Initiate secure remote access with RDP, SSH and other common protocols Manage and protect SSH keys and digital certificates across your tech stack
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |