According to data coming from Lieberman Software, passwords are still a problem in the enterprise, including apathy from senior management, and password related chaos from IT staff.
Lieberman’s data reveals a fundamental lack of IT security awareness in enterprises, particularly in the arena of password control and privileged logins. For example, 42-percent of the 300 IT professionals surveyed said that their organization share passwords and 51-percent said they needed to remember ten or more passwords for work alone.
Moreover, 50-percent of the passwords in use remain unchanged, despite password rotation being a basic security practice. This is in addition to the respondents admitting that they were aware of some users abusing shared privileges, in order to access information they shouldn’t.
“Password anarchy among the IT staff at major organizations is mirrored by password apathy at the top of the management hierarchy, where senior management seem almost criminally lax in the enforcement of IT security policies – to the detriment of their organizations,” commented Philip Lieberman, President and CEO of Lieberman Software.
“Management will have to pay far more attention to their basic security practices or be forced to apologize to their shareholders and customers for major data losses and subsequent damage to brand loyalty. The simple, unpalatable truth is that senior management generally is not policing their IT security departments enough to avoid further massive data breaches.”
The full report is available here.
Related: Survey Reveals How Stupid People are With Their Passwords
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- PyPI Enforcing 2FA for All Project Maintainers to Boost Security
- Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack
- Many Vulnerabilities Found in PrinterLogic Enterprise Software
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
