New study reveals password vulnerabilities

Survey by DigitalPersona and BPM Forum finds that 77% of companies believe a data breach would be devastating to their business

73% of IT and security executives think that password security has become a bigger issue over the last year, and 77% stated that a network data breach could be critical or disastrous to their company, according to the latest findings of a new research initiative by DigitalPersona, a leading provider of fingerprint authentication solutions. With enterprise security breaches on the rise, companies must do more to stop the sharing of passwords amongst colleagues and put formal systems in place to meet security compliance and governance mandates, the study shows.

The research initiative, entitled “Secure Your Network Assets”, was conducted in conjunction with the Business Performance Management (BPM) Forum, an organisation that helps advance the understanding of business performance management techniques, technologies, and processes in global enterprises. The research, which collected responses from IT and security professionals across several industries, demonstrates that password security issues, especially sharing of passwords amongst colleagues, can be critical or disastrous to the company and lead to network data breaches. In addition, while concern around compliance has escalated, a majority of organisations admitted they do not have a formal security system or policy in place and are not prepared for compliance regulations.

The study also suggests that leading executives are considering new types of enterprise authentication solutions and that fingerprint biometrics is by far the top consideration. This might be attributed to the fact that fingerprint authentication enables ease-of-use with increased productivity, a combination that topped the list of security priorities in the study. In fact, 28% of the companies interviewed currently have fingerprint readers in notebooks or desktops, and several of these companies expect to spend the same or more than last year on biometrics solutions.

“Executives are increasingly concerned with the misuse of passwords amongst colleagues and the growing danger of internal and external threats to the network,” said George Skaff, vice president of marketing for DigitalPersona.

Other key findings:

– 83% of IT and security executives say that security compliance and governance were important, yet less than half of respondents have any formal security system or policy in place to create an electronic audit trail.
– 68% of C-level executives say network passwords have been exchanged with colleagues in their firm.
– 60% said that they or someone in their organisation had given a network password to a colleague- while two-thirds of the participants said that 25% or more of employees at their firm have access to information that could compromise the company if stolen or exposed.
– 40% said half or more of their employees’ access confidential information with passwords, smart cards, or tokens.

Companies remain challenged, however, to achieve full adoption of the biometrics solutions in place. The study found that less than half of those respondents whose companies have fingerprint biometrics (often embedded in laptops) are fully utilising the technology.

“While respondents acknowledged they have laptops with embedded fingerprint readers, we found that many of these point solutions are not being utilised,” said Skaff. “Companies are looking for enterprise server-based authentication solutions to enforce policies and manage the client software for these notebooks.”

Don't miss