How Sloppy Security Practices Put Companies at Risk

In today’s online business environment, security is nothing to scoff at. Yet, there are many businesses that don’t play by the rules when it comes to monitoring account security on a shared network. This puts both themselves, and their businesses, in danger.

According to a recent study by Dimensional Research, a grand total of 83 percent of respondents found difficulty with managing administrative passwords and accounts. This number is huge, especially considering how important administrative accounts and passwords are to maintaining the integrity of any business’s critical systems. This can only mean one thing; businesses have the systems and practices put into place, but they’re not being enforced as strongly as they should be.

Here are some other statistics to take a look at:

• 37 percent of all administrator passwords on mission-critical hardware and software aren’t consistently changed.
• 37 percent of respondents claim that they use shared credentials with other administrators.
• 31 percent claimed that they were unable to consistently identify individuals responsible for administrator activity.
• 75 percent claim to have a default password changing process, but only 26 percent admit to changing passwords frequently.
• 12 percent of respondents claim that they only change passwords in the event of a potential security issue.
• 4 percent never change their admin passwords.

So, why is this the case? Why do businesses have trouble guaranteeing their account security? In some cases, they could be taking the wrong approach to security best practices. There have been horror stories of organizations using antiquated software to track who logs into accounts, like sign-in charts or even Microsoft Excel. Such methods are generally prone to user error and are frowned upon in today’s tech-centric environment.

The solution to this predicament isn’t a simple approach. It’s a two-pronged offensive that requires the enforcement of proper username and password protection, and the monitoring of access logs by your business. For your passwords, no two users should have the same credentials at any given time. Everyone should have their own unique access credentials that follow password best practices. Users should make passwords long and complex, with both upper and lower-case letters, numbers, and symbols. Using an enterprise-level password manager can make remembering these long passwords much easier.

Another great way to ensure that your organization’s employees stay accountable is through monitoring and maintaining access logs that dictate when and how users access your network. This is important for several reasons. For one, it makes sure that only authorized users are accessing the network. Second, you know that something is wrong if someone from the other side of the world accesses your network. By keeping a close watch on your access logs, you can effectively maintain maximum security while ensuring that your employees are held accountable for their actions while on the private network.

For more information about security best practices, give us a call at (732) 291-5938.