New research shows how IT is lax on basic password protection policies
If you’re not enforcing strong passwords on your employees, then you could be at risk of a breach going well into seven figures to remediate it. Yet according to new data from OneLogin, a quarter of companies surveyed don’t even require user passwords to meet a minimum length requirement.
The study, which polled more than 500 US-based executives with influence over their firm’s security systems, also found a minority require users to rotate their passwords monthly (24%) or check them against common password lists (41%). Just over half (54%) say they enforce users to change their passwords monthly.
What’s more, IT believes it is doing a decent job at password protection, which only exacerbates the situation. 93% of respondents do have guidelines around password complexity with a similar number (87%) saying this is sufficient protection for their organisation. Yet only half (49%) require their internal users to follow basic password complexity policy.
Only 42% of organisations say they use single sign on (SSO) to manage employee access to corporate applications, with one in three (34%) saying they use SSO to manage external access to company apps. Similar numbers use multi-factor authentication for internal use (36%) and to manage external access (34%).
“Passwords alone are not enough to secure your company,” said Alvaro Hoyos, OneLogin chief information security officer in a statement. “Companies need to be more forward-thinking when it comes to identity and access management by enforcing strong passwords and using modern multi-factor authentication.”
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » Unqork secures $51 million in series B funding to further no-code enterprise mission
- » Gaurang Torvekar, CEO, Indorse: On finding the right business model for a skills marketplace – with blockchain
- » How to deal with technical debt to fully go through the gears of digital transformation
- » For a truly customer-centric model, we need to solve the ‘last mile’ of AI
- » The quest for the perfect PC: Travelling through the cloud, via VDI and desktop centralisation