Password burden affecting security
The burden of multiple passwords continues to pose a significant IT security risk and encourages end-user behavior that endangers compliance initiatives, according to the results of a new password management survey by RSA, the Security Division of EMC, which took place during GITEX last week.
The burden of multiple passwords continues to pose a significant IT security risk and encourages end-user behavior that endangers compliance initiatives, according to the results of a new password management survey by RSA, the Security Division of EMC, which took place during GITEX last month.
“Password management continues to cause headaches and frustration for both those overseeing corporate password management and end users accessing a growing number of applications daily,” commented Kieran Hernon, RSA’s country manager for the UAE.
“The unfortunate result of inefficient and cumbersome password management can be a security breach,” he added. “Perpetrators of both internal and external attacks will look for the easy way in, and obtaining passwords – either through theft or social engineering techniques – could be the first place they’ll start. Password management technology, combined with strong authentication and continuous end user education will help to alleviate this risk.”
RSA’s survey polled a cross-section of business visitors to GITEX 2006 whose jobs involve some degree of corporate password management. 53% of these respondents claimed their company’s desire to avoid end-user frustration actually prevents their organisation from enforcing frequent password changes and/or strong password policies. 32% meanwhile claimed that they are extremely concerned that passwords are “moderately concerning.” Last but not least, 13% of those questioned said they knew know of a corporate security breach that had occurred due to a compromised password.
As part of its survey, RSA asked respondents whether it would be helpful to have a ‘master password’, that would replace all other passwords at work. 56% replied that this would be “extremely helpful”, however 81% also reported that it would also be “extremely important” to then provide an added layer of protection for such master passwords.