New research shows how IT is lax on basic password protection policies
If you’re not enforcing strong passwords on your employees, then you could be at risk of a breach going well into seven figures to remediate it. Yet according to new data from OneLogin, a quarter of companies surveyed don’t even require user passwords to meet a minimum length requirement.
The study, which polled more than 500 US-based executives with influence over their firm’s security systems, also found a minority require users to rotate their passwords monthly (24%) or check them against common password lists (41%). Just over half (54%) say they enforce users to change their passwords monthly.
What’s more, IT believes it is doing a decent job at password protection, which only exacerbates the situation. 93% of respondents do have guidelines around password complexity with a similar number (87%) saying this is sufficient protection for their organisation. Yet only half (49%) require their internal users to follow basic password complexity policy.
Only 42% of organisations say they use single sign on (SSO) to manage employee access to corporate applications, with one in three (34%) saying they use SSO to manage external access to company apps. Similar numbers use multi-factor authentication for internal use (36%) and to manage external access (34%).
“Passwords alone are not enough to secure your company,” said Alvaro Hoyos, OneLogin chief information security officer in a statement. “Companies need to be more forward-thinking when it comes to identity and access management by enforcing strong passwords and using modern multi-factor authentication.”
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » Alerts are ignored and turnover is high as security teams suffer from incident overload, report says
- » Appdome launches Zero Management Mobility for revamped enterprise security focus
- » Case study: Why ERP solutions for the food industry must do more than ensure compliance
- » Enterprises need comprehensive data strategies – but few are getting it right today
- » Putting culture into practice: Transforming employee happiness for greater efficiency