A culture of carelessness amongst US business owners is jeopardizing company security and inviting cybercrime, especially when it comes to password hygiene.
A study from Swivel Secure that questioned 2,500 working Americans on their internet security habits highlights how business-owners are taking insufficient steps to secure access to their workplace systems, setting a bad example to staff and dangerously exposing their company data as a result.
According to the research, nearly three-quarters (74.2%) of business owners keep a written log or have another offline system for recording their passwords. And worse, the study has also revealed that 63% of business owners continually re-use the same passwords to log in to different systems, yet 61% remain ‘unconcerned’ with the security of their corporate systems.
The study also suggests that this ambivalence has trickled down to influence the attitudes and behavior of employees. A staggering 73% of US full-time workers admit to re-using the same batch of passwords online, with a third (33%) using less than five different passwords to access between 25 and 50 personal and business sites.
“A significant proportion of last year’s $46 billion global spend on cyber security will have been wasted as a direct consequence of password reuse,” said Fraser Thomas, vice president of international at Swivel Secure, in a statement. “By continuing to rely on this outdated form of authentication, US business owners are undermining their investment in firewalls and other costly network security measures and leaving themselves dangerously exposed to cybercrime. Password reuse is rife. As a result, it may only take one employee’s Twitter or Amazon password to be hacked for unlawful and undetected access to their company systems to be gained.”
The study also suggests that diligence online appears to decrease with age. A huge 71% of 55 to 64 year-olds are ‘unconcerned’ by the security of their work IT systems, compared with 47.1% of those aged between 25 and 34.
“For many, logging in with a username and password has become little more than a mechanical inconvenience,” continued Thomas. “Business owners must take responsibility for securing their systems at every level within their organizations. There are a wealth of flexible, easy to use and cost effective strong authentication platforms available which can be utilized to eradicate these risks.”