- I can't recommend this rugged power station enough to drone users -- now with $340 off for Black Friday!
- Give your iPhone 16 thermal camera superpowers with this gadget
- This power station has an irreplaceable emergency feature (and now get $350 off for Black Friday)
- This ultra-thin power bank is a must-have travel gadget (grab it cheap in this Black Friday deal)
- The Jackery Explorer 1000 V2 is one of the best entry-level portable power stations (and it's now half price for Black Friday)
Half of IT Leaders Store Passwords in Shared Docs
Nearly half (46%) of IT and security leaders still store corporate passwords in office documents like spreadsheets, exposing their organization to significant cyber risk, according to a new study.
Identity management vendor Hitachi ID polled 100 executives across EMEA and North America to understand better how secure their password management is.
It estimated that each employee might have as many as 70-100 passwords and “decentralized secrets” that could be used by attackers to gain access to and move through an organization.
Although nearly all (94%) respondents claimed they require password management training, with 63% saying they do so more than once a year, many appear not to be following their own advice. Just 30% said they use company-provided password managers, and some even resort to pen and paper.
“It raises an important question about how effective password management training is when nearly half the organizations are still storing passwords in spreadsheets and other documents, and 8% write them on sticky notes,” said Nick Brown, Hitachi ID CEO.
“Insecure passwords are still a leading cause of cyber-attacks, and education alone is clearly not enough.”
Question marks were also raised about the risks posed by departing employees. Only a third of respondents said they were “somewhat” (20%), “moderately” (8%) or “extremely” confident (5%) that they could transfer passwords, terminate access and maintain business continuity if they urgently need to terminate an employee.
Last year it emerged that a former employee at a credit union destroyed 21GB of corporate data, including 20,000 files and almost 3500 directories in retaliation for being fired.
Although a colleague requested that the firm’s IT support provider disable the woman’s network access, she was apparently able to able to use her username and password as normal for around 40 minutes.
Some 29% of respondents to the Hitachi ID study said they’d experienced an incident in the past year where they lost access to systems after an employee left the organization.
