Sharing Log-In Details Presents a Security Threat

By Tony Kontzer
  • Previous
    Sharing Mode

    Sharing Mode

    23% of users in this survey have willingly shared their network passwords with one or more colleagues.

It seems that far too many information workers still don't fully understand the importance of keeping their log-in details confidential. In a recent study of 2,000 white-collar employees in the United States and the United Kingdom, security software vendor IS Decisions found that alarming numbers of workers don't believe their log-in details represent a security threat. What's worse, an even greater percentage of managers feel the same way. IS Decisions' report, "From Brutus to Snowden: A Study of Insider Threat Personas," also found that age is a significant determining factor, with younger workers being much more likely to share log-ins and passwords than their older colleagues. The findings serve as a reminder to IT security teams that understanding the behavior of their own users should be one of their most important jobs. "The recurrent theme is lack of education," said IS Decisions CEO François Amigorena. "This highlights the need for a tailored approach to tackling internal security that addresses everyone in an organization, from top to bottom." The company recommends some steps for dealing with this challenge, including making employees more familiar with security policies, restricting concurrent access and instituting harsher punishments for offenders. There's also one tongue-in-cheek piece of advice: Passwords are like underwear. They should be changed often, not shared with friends, kept as mysterious as possible and not left lying around.

This article was originally published on 2014-07-28
Tony has been writing about the intersection of technology and business for more than 20 years and currently freelances from the Grass Valley, Calif., home where he and his wife are raising their two boys. A 1988 graduate of the University of Missouri-Columbia School of Journalism and regular contributor to Baseline since 2007, Tony's somewhat infrequent Twitter posts can be found at http://twitter.com/tkontzer.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.