IT Security Pros: Former Employer Systems Breached With Old Credentials
A new survey reveals many organizations fail to implement effective password security practices.
LOS ANGELES – More than 13 percent of IT security professionals admit to being able to access previous employers’ systems using their old credentials, a new survey from Lieberman Software Corp. reveals.
According to Lieberman, the survey was conducted at a recent IT security conference and looked at the attitudes of more than 270 IT professionals toward password management and cloud security. It revealed that of those who can still access their former employers’ systems, nearly 23% can get into their previous two employers’ systems using old credentials and more than 16% admit to still having access to systems at all previous employers.
“The results of this research show that a fundamental lack of IT security awareness in enterprises, particularly in the arena of controlling privileged logins, is potentially paving the way for a further wave of data breaches,” Philip Lieberman, CEO and president of Lieberman Software, says.
Organizations must implement a policy where privileged account passwords are automatically updated on a frequent basis, with unique and complex values, Lieberman advises. That way, when an employee does leave the company, he or she is not taking the password secrets that can gain access to highly sensitive systems.
Other findings from the survey reveal that nearly 84% of organizations have a policy to ensure contractors cannot access corporate systems after they leave the company; however, more than 16% of respondents admit that their organization either does not have such a policy, or they are not aware of one.
“Companies and government agencies should not take such a lax approach to password management, especially given the attention that the Edward Snowden NSA scandal has received,” Lieberman says. “Basic security best practices include minimizing the insider threat and sophisticated criminal hackers by managing the powerful privileged passwords that grant access to systems containing sensitive data.”
To view the complete survey, click here.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.