SailPoint has released its 7th annual Market Pulse Survey (see here and here for infographics), and the findings will be disturbing for many a C-Level and IT Security practitioner.
Among the findings, SailPoint found that 1 out of 7 of the employees surveyed would sell their corporate password, some for as little as the amount listed in the title. That isn’t the only risk your data faces from your employees, however. 1 out of 5 also share their corporate log-in information with team-members, increasing the number of passwords that could be sold to blackhats. More than half of surveyed employees also admitted to using the same password for multiple corporate and personal applications, with 14% admitting to using the same password for all of them. A determined hacker with just a little bit of cash could therefore quickly and easily gain access to all of your corporate apps and data, and has multiple potential avenues of attack. Very scary, and there’s even more in the report.
That’s not to say there aren’t security-conscious citizens in the mix. Around 20% or respondents also report being victims of a breach themselves, and the same number would stop doing business with a company that put their data at risk. Half of those who would stop doing business with a company over data security issues would also recommend to their friends and family to do the same. That of course represents potential loss of revenue should a security happen to you, upping the consequences for what seems like an unstoppable and inevitable occurrence.
SailPoint does have a counter to this threat, called IdentityNow, which it goes over in the business press release for the survey. Much of the solution involves streamlining password use to increase both ease of use and security simultaneously. If that doesn’t seem like enough, you can always check out our Buyers Guide here for more top IAM solutions. Either way, a good IAM solution can help you sleep a little more soundly at night.
- Yahoo Goes Passwordless to Access Account Services - April 6, 2015
- The Identity of Things Could Streamline Government Services - March 30, 2015
- The Third-Party Threat: Are You Safe? - March 18, 2015