Solving the “Password Problem” for Better Security
The need to strengthen enterprise authentication is almost universally acknowledged. Password security professionals are quick to look at two factor and multi-factor solutions to accomplish the goal. Clearly, the addition of second and third factors addresses the need. However, in the process, security professionals often fail to consider the value of the first factor i.e. password.
What are some of the greatest security issues companies are facing today?
The 2018 cyber-sec reality is not favorable since the sophistication of cyber-miscreants is growing rapidly. A proliferation of security tool-sets to combat the sophisticated cyber-miscreants. Since the attack surface is larger; there are a growing number of environments and devices to protect as we witness the death of the enterprise perimeter. And also, maybe most notably, we have a scarcity of qualified information security professionals to engage the threat.
So where do you start?
Well, the biggest “bang for the buck” comes from doing the basics well. Step 1 is always maintain and patch systems. As we address the basics as they relate to cyber-security, no conversation can be complete without the sobering statistic brought to us by Verizon’s 2017 Data Breach Investigations Report (DBIR). The report states that “81% of hacking-related breaches leveraged either stolen or weak passwords.”
Essentially, organizations have a password problem. Despite the sophisticated security measures enterprises are putting in place, password security is tripping them up.
There is an issue that organizations continually fail to address with common “best practices” surrounding password hygiene. It involves expectations that are completely unrealistic and mythical. Frankly, practicing such good password hygiene with 130 individual accounts is impractical. Individuals may exist who have such capacity; it would be challenging to meet one who is both willing and able.
The only way to successfully solve the password problem is to provide the organization with identity and access management tools. If you are starting from scratch, password managers are a great first step.
You may also like to Read:
The 2018 Global Report for Password Security
The Ultimate Guide to Data Retention
Guide to Rethinking your IT Security
6 Steps to Build a Holistic Security Strategy With Microsoft 365