Ivanti today released the 2021 Secure Consumer Cyber Report. While the name may not seem relevant to non-consumer-facing businesses, the report actually highlights several critical cybersecurity deficiencies in the transition to mass work-from-home. In fact, Ivanti surveyed 1,000 Americans working from home on company-provided endpoints to understand their security habits now.
Ivanti provides an automated platform for IT services, supply chain management, and data security, with endpoint security and password security being major components. Additionally, Ivanti discovers, manages, secures, and services IT assets from cloud to edge even in decentralized IT environments.
The 2021 Secure Consumer Cyber Report finds that employees and consumers fail to enact cybersecurity tools on their home networks. This leaves both them and their workplaces vulnerable, as hackers could easily use them as stepping stones to sensitive databases. Moreover, the report found that consumers continually recycle their passwords; 1 in 4 surveyed report using a work password for a consumer service like food delivery.
Compounding the problem, 24 percent of companies do not require their employees to update their password every six months or use a one-time password generator. Another 30 percent of respondents said their organization does not require remote workers to use a secure access tool, such as a VPN.
Phil Richards, CSO at Ivanti, gave a statement with the release of the 2021 Secure Consumer Cyber Report. “The FBI issued a warning about an increase in credential stuffing attacks in September 2020 and yet consumers are still using work emails and passwords to log in to consumer apps and websites, putting the enterprise at significant risk of a credential stuffing attack. Given the increase in data breaches of consumer-based companies and online communities, it is very likely that enterprise email and passwords are already exposed on the dark web. Companies across all industries must implement a Zero Trust model to ensure that entities accessing corporate information, applications, or networks are valid and not using stolen credentials.”
Learn more about Ivanti here.
Latest posts by Ben Canner (see all)
- Why Not All Authentication Portals Are Created Equal - April 8, 2021
- 5 Things to Remember When Selecting An Identity Management Solution - April 6, 2021
- Why Governance in Identity Security is Such a Challenge - April 5, 2021