According to Lieberman Software, 48% of surveyed IT professionals working in the security organization, whose network has been compromised by hackers. The survey painted a clear picture of the complete mess that is going on with the passwords among IT staff and senior management indifference to save the password.
51% of respondents have 10 or more passwords used in the work;
42% of respondents said their organizations, IT staff share with each other passwords and access to systems and applications;
26% said they were aware that some members of the IT staff abuse their privileged position to illegally access sensitive information;
48% of respondents work for companies that do not change their preferred passwords for 90 days – that is a violation of the basic regulatory requirements and one of the main reasons why hackers are still able to jeopardize the safety of large organizations.
Password management and data leakage
The survey of more than 300 IT professionals suggests that a fundamental lack of understanding of IT security in enterprises, especially in the control of privileged passwords and logins, paving the way for a new wave of data loss.
These shortcomings are loopholes through which hackers gain access to the most important to the organization. If almost 50% of all passwords remain unchanged, as shown by this study, it appears that the fundamental and basic rules of IT security are ignored and the staff and their senior management.
Privileged accounts contain special permission to access files, install and run programs, and change configuration settings. Misuse is a major cause of data loss.
Philip Lieberman, president and CEO of Lieberman Software said: “This study shows that despite the huge number and frequency of data breaches within the last twelve months, the top management of many organizations still do not understand the basics of IT security. In fact, they actively pave the way for its further troubles. ”
He continued: “The lack of order in a system of passwords among the IT staff of large organizations is a reflection of the apathy of leadership in this regard, senior management seems to be just a weak criminal policy in compliance with IT security – to the detriment of their organizations.”
“Neglect of IT organizations surveyed organizations can cost them dearly in the coming months. We are constantly repeated, that the observance of basic safety rules include blocking access to systems containing sensitive data to minimize internal threats. However, only a few months after the attacks, Sony, RSA Security and Comodo. However, the situation in many large organizations is risky, “- said Lieberman.
“Management will have to pay much more attention to basic safety rules, or it will be forced to apologize to its shareholders and customers for the great loss of data and as a result, the violation of allegiance brand. The worst is that top management did not monitor the activities of departments IT security to avoid further mass data loss. “