When Working From Home, Employees’ Password Hygiene is Critical
Most working professionals use a password at least once – if not many times – every day. What better time than World Password Day on May 6 to revisit the topic of organizational password hygiene practices? Now that more employees than ever are working from home, smart password strategies must be front and center in every workplace.
Password Reuse is Still a Very Big Problem
Organizations with robust cybersecurity defenses can still be undermined by poor password practices. According to a survey by Google, password reuse is still a common practice, despite the awareness of the risks. More than half of the people surveyed reported reusing the same password for multiple accounts.
Security Boulevard highlighted the password reuse problem with these alarming statistics:
- A survey found that 91% of respondents claim to understand the risks of reusing passwords across multiple accounts, but 59% admitted to doing it anyway.
- Microsoft recently announced that a staggering 44 million accounts were vulnerable to account takeover due to compromised or stolen passwords.
- The average person reuses each password as many as 14 times.
- 72% of individuals reuse passwords in their personal life while nearly half (49%) of employees simply change or add a digit or character to their password when updating their company password every 90 days. These forced resets are an ineffective tactic.
- And it is not just personal accounts. 73% of users duplicate their passwords in both their personal and work accounts.
- Security.org found that 76% of millennials recycle their passwords.
- This is why compromised passwords are responsible for 81% of hacking-related breaches, according to the Verizon Data Breach Investigations Report.
Cybercriminals Are Waiting to Prey on Vulnerabilities
For many workers, home and “the office” are one and the same, and employers expect that 40% employees will still be working remotely at the end of 2021. Many employees use personal devices to access work systems, and sometimes those devices are shared among family members. This means the line between personal risk and organizational risk is now almost nonexistent.
As evidenced by the data above, password behaviors still need a lot of improvement, and employees and organizations alike underestimate the risks posed to the workplace. Many still aren’t making the connection that breached credentials on a personal account can create serious workplace vulnerabilities if the credentials are reused or a compromised device is used to access an enterprise system.
In sophisticated cyber attacks, a cybercriminal may first look to access the personal accounts of employees at a targeted organization, which are often easier to hack. Then, the personal information gathered is used to devise credible-looking schemes, or otherwise gain access to corporate systems.
ID Security Can Protect Both Employees and Employers
Because the world is becoming increasingly digital and cyber threats have been heightened by the COVID-19 pandemic, more organizations are offering Sontiq’s intelligent identity security to employees as part of their benefits package. The robust cyber defenses include notification whenever an individual’s compromised credentials are found on the Dark Web, so fast action can be taken to secure passwords.
Sontiq recently added the following new features to its employee benefits packages to strengthen employees’ cyber defenses:
- Up to $25,000 in ransomware resolution and reimbursement. Sontiq will assist with determining if ransomware should be paid or if there are alternative options; paying ransomware fee through a variety of crypto-currencies when necessary.
- Up to $25,000 in social engineering resolution and reimbursement. If an employee is tricked into giving up confidential information, Sontiq will assist with placing additional security on accounts moving forward and offers reimbursement up to $25,000.
- Senior fraud resolution. Since many people are caring for their senior family members, Sontiq is extending its resolution services beyond the standard household to include parents (in-law) and grandparents (in-law).
Learn more about adding intelligent identity security to your employee benefits package.