Centrify has revealed the results of an onsite poll conducted at RSA Conference 2020, held last week in San Francisco. The survey asked conference attendees about their cyber hygiene habits at work to determine how much of a threat they posed to their organization’s overall cybersecurity, ultimately revealing that employees themselves pose the largest threat.
Nearly 60% of respondents correctly identified employees as the largest threat to their organization’s security, followed by hackers (23%) and third-party vendors/partners (18%).
Additional poll findings further validated why employees pose a cybersecurity threat in the first place:
● 40% of respondents have tried to bypass a corporate security policy at work
● Nearly 1 in 4 respondents (23%) use the same passwords for work and personal accounts, defying industry best practices
● More than 1 in 5 respondents (21%) still store passwords on their phone, computer, or in a printed document, violating industry best practices
“81% of hacking-related breaches leverage stolen and/or weak passwords, according to Verizon’s Data Breach Investigations Report. All it takes is one employee using a weak password to open the doors,” said Torsten George, Cybersecurity Evangelist at Centrify. “That’s why every organization should enforce frequent password changes and use single sign-on (SSO), and privileged credentials should be stored in a password vault.”
On a positive note, the poll also revealed that less than 15% of respondents reported having previously shared their work login credentials or used someone else’s login credentials at work.
The poll results illustrate that every employee has an important role to play when it comes to protecting their organizations from cybersecurity threats. Simple best practices to help reduce the risk of being compromised include:
• Make Your Password as Strong as Possible
• Implement Multi-Factor Authentication (MFA) on All Accounts: Centrify also announced support for passwordless authentication using biometrics, such as Windows Hello and Apple’s Face ID and Touch ID.
• Don’t Take the Phish Bait.