Despite the increasing number of high profile data breaches such as the hacking of 500 million Yahoo user accounts a recent study from Centrify revealed that customers continue to have poor password habits and do not take adequate precaution to protect their personal information.
Just one third of consumers in the UK change their passwords once a year, less or never and most opt for simple easy to remember phrases that are far easier for attackers to infiltrate!
Protecting customer data is an ongoing challenge for businesses in a time when there is a certain amount of inevitability of a security breach occurring.
So how do businesses protect valuable data while continuing to maintain productivity and avoid undermining security processes?
Many attacks begin with a compromise and as users and data move freely throughout and beyond the enterprise network boundaries this can often see the breach coming from within a company.
>See also: 3 tips to help make and manage complex passwords
Organisations must recognise that while employees should be trusted, that they represent a significant threat to the integrity and security of the enterprise’s data.
Training and educating staff and customers on the basics is imperative; it will not only protect valuable personal information but reduce the risk of a security breach as well as provide mutual benefit to both the business and its customers.
Password hygiene
Good password hygiene is fundamental and should remain central to an organisation’s core security policy.
Usernames and passwords still remain an easy entry point for hackers to gain access to a business through the proverbial front door so continual education around the importance of good password hygiene is essential.
Multi-factor authentication (MFA)
There are very few cyber security professionals that view username and password-based security as an adequate form of protection which is why many organisations are turning to multi-factor authentication (MFA) to provide the necessary safeguards in today’s complex IT and security world.
MFA alleviates password risk by requiring additional authentication factors such as a PIN, answer to a security question, and response to an e-mail or a one-time security code.
Biometrics including fingerprints, retina scans and voice recognition are starting to become more commonly used for MFA too.
>See also: Are you ready to phase out passwords?
The good news is that many consumers are eager to improve their online habits.
The survey showed that 30% of UK respondents indicated they are willing to invest time in completing security tasks if it makes them safer.
Half or more selected a fingerprint ID as one of the top two security measures they would be comfortable using.
Robust access policies
As more users access services from outside the corporate network perimeter from an ever-increasing number of devices, the risk from users is amplified and passwords alone cannot be trusted to properly and securely identify users.
Organisations need a better solution that incorporates strong authentication and delivers a common multi-factor experience across all apps — SaaS, cloud, mobile and on-premises.
The solution also needs to have adaptive policies that take into account the complete context of the access request.
Single sign-on (SSO)
Single sign-on (SSO) eliminates the need for ongoing prompts for passwords and login credentials every time another application or resource is accessed by permitting a user to enter a username and password once in order to access multiple applications.
SSO authenticates the user for all the applications they have been given rights to access and should include MFA for further protection if that single username/password combination is compromised.
>See also: The need for better password security
SSO not only enhances IT security and control but simplifies the end user experience as they only have to remember one username and password to access all of their applications whether in the cloud, on-premises or via mobile devices.
Privileged identity management
When people leave their homes in the morning they wouldn’t dream of leaving the front door open and the way individuals secure their data should be treated in exactly the same way.
The likelihood of a business being attacked is extremely high so it must become habitual for them to adhere to security basics in order to prevent a data breach.
Employees and users need to be educated and maintain security best practices until it becomes normal everyday behaviour.
Businesses should implement comprehensive privileged identity management with a granular privilege elevation to allow running certain commands or programs on demand.
Users can then log in as themselves and only raise their privilege level for individual tasks as required.
>See also: How brands can embrace life after the password
To conclude consumers can no longer afford to put their data at risk and need to follow a number of key precautionary steps to protect themselves and their personal information including monitoring accounts and frequently changing passwords.
Similarly, businesses need to face up to the reality of a breach and be providing their customers with next-level security such as multi-factor authentication which adds a layer of security that protects against a leading cause of a data breach — namely, weak passwords.
Sourced by Andy Heather vice president of Centrify EMEA