December 3, 2020

Volume X, Number 338

Advertisement

December 03, 2020

Subscribe to Latest Legal News and Analysis

December 02, 2020

Subscribe to Latest Legal News and Analysis

December 01, 2020

Subscribe to Latest Legal News and Analysis

November 30, 2020

Subscribe to Latest Legal News and Analysis

Password Apathy

Few employees -- even IT employees -- are vigilant about using adequate passwords.    

Despite almost constant reports of data breaches and hacking incidents, many organizations are still not taking even the most basic measures to protect their organization's data. In fact, the password practices in some companies may actually be putting them at greater risk. According to a password security report by Lieberman Software, 48% of the more than 300 IT professionals surveyed have worked for organizations that have experienced a data breach.

But even with such first-hand experience, 42% said that two or more IT staff actually share passwords to access systems or applications in their organizations, 48% allow passwords to privileged accounts (those that contain high-level permission to access files, install programs, and change configuration settings) to remain unchanged for 90 days or more, and 25% admitted that their privileged account passwords were less complex than normal user logins.

Such practices make it easier for hackers -- and employees -- to gain access to sensitive data. For instance, 26% said that at least one IT staff member in their organization has abused privileged logins to access unauthorized information. This absence of fundamental data protection measures may point to a developing sense of apathy regarding data security, even among those who are tasked with maintaining it.      

Risk Management Magazine and Risk Management Monitor. Copyright 2020 Risk and Insurance Management Society, Inc. All rights reserved.National Law Review, Volume I, Number 354
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Editor in Chief

Morgan O’Rourke is the director of publications for the Risk and Insurance Management Society, Inc. (RIMS) and the editor in chief of Risk Management magazine and the Risk Management Monitor blog.

212-655-5922
Advertisement
Advertisement