Password Misuse Is One of the Main Reasons for Breaches

A recent study conducted by Lieberman Software at the HP Protect 2011 conference reveals that close to half of the participants worked at one point for a company that suffered a data breach.

When asked about the passwords they use and the way they're handled, the 300 IT professionals present revealed some interesting information.

Just over 50% answered that their workplace requires them to remember 10 or more passwords, needed to access different parts of the network.

Unfortunately, 42% admit they're sharing admittance details with coworkers, which means that if someone's set of credentials is stolen, all hell could break loose and the organization's computer structure could easily suffer an attack.

A quarter even said they are aware of employees abusing security clearances to access sensitive information and 48% claim that the most basic protection policies regarding safewords are ignored, this giving hackers the best opportunity to strike.

“This survey shows that despite the huge number of frequent data breaches, over the past twelve months senior management in many organizations have not yet grasped the fundamentals of IT security. In fact they are actively paving the way for more and bigger disasters,” said Philip Lieberman, President and CEO of Lieberman Software.

“Password anarchy among the IT staff at major organizations is mirrored by password apathy at the top of the management hierarchy, where senior management seem almost criminally lax in the enforcement of IT security policies - to the detriment of their organizations”.

“These fundamentally careless practices and procedures revealed by the IT departments of the organizations we surveyed could cost them dearly in the coming months. We have consistently said that basic security includes locking down access to systems containing sensitive data to minimize the insider threat. However, only months after the Sony, RSA Security and Comodo breaches the situation within major organizations remains at risk,” Lieberman added.

The CEO believes that if managers don't pay attention to security policies their business will eventually witness a data breach and their reputation in the eyes of their customers will suffer dearly.