Your apathy towards security is a massive risk to your business

Home       Blog       Your apathy towards security is a massive risk to your business

Your apathy towards security is a massive risk to your business

Same password everywhere? Don't do it!As per Yener Adal's blog post last month, during the month of October, we ran our initial data breach awareness campaign. The results were interesting, disappointing and more than a little concerning – here’s the overview:

  • The initial campaign logged 16% of the currently active accounts in our helpdesk system had a single or multiple data breaches associated with it
  • Of these, we had a 19.88% response rate to the issue, which means almost 20% of our user base has compromised passwords publically available

As the business owner, manager or someone with responsibility for IT systems security, this should scare you. And if it doesn't then something is wrong!

The vast majority of employees contacted did not think the security of their account was of concern enough to make contact with their IT support team, even after being informed that an email address and password combination they’ve previously used was posted publically online. A Global Password Security Report produced by LastPass in 2018 discovered that a staggering 59% of respondents professed to reusing passwords. So the chances of someone using compromised credentials for your company network is more than likely.

What makes this even worse, during this month of security awareness, we’ve had multiple instances of staff entering their credentials into bogus websites, having their credentials harvested and their accounts subsequently hacked.

So the take away here is that people do not care about their security until it is too late, and given the potential for loss (data, financial and reputation) is a concern for the business as well as the individual, the business should do everything it can to provide services that are as secure as possible. You don’t leave the keys in the lock of the office every night right?

What we highly recommend for ANY internet accessible services at a minimum is two-factor authentication, with the second factor being a mobile phone app (the recommended option), SMS, or voice call. Any service that we recommend has this functionality built in and is very easy to set up. If you have an IT Managed Services agreement with us we will be in touch with each of you this month in regards to the specific services you use to enable this functionality, and if you don’t we highly recommend you get in touch with us to have this enabled! 

Don't wait until you've been compromised before you take action. Protect your company's data and IP like business depends on it – because it does.

Our tool of choice is LastPass which is a great tool for keeping your passwords and confidential information safe but shareable.

About the author

Eden has over a decade of experience in the IT industry. Working with numerous organisations from a diverse range of industries; education, finance and renewable energy to name a few.

Prior to joining Intuitive IT Eden worked at a top tier Managed Services provider which gave him valuable experience in a wide array of enterprise level technologies and customer environments.