• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » Are passwords still fit for purpose?

Are passwords still fit for purpose?

by Adi Gaskell
10 July 2020
in Security
0
Businessman working on laptop.
42
SHARES

Amidst the rise in cybersecurity issues that have accompanied the coronavirus pandemic, the foremost means of hacking into a system remains the result of weak password security. The humble password has been at the forefront of cybersecurity since the earliest digital devices, and it remains the bulwark of our defenses today.

This is largely because passwords are very easy to use, and even if they’re compromised, they can be easily replaced. What’s more, they don’t suffer from compatibility issues, and you don’t need any additional hardware to use them. They’re also incredibly cheap to implement, so organizations across the world love using them. The problem is, passwords can be compromised in a panapole of different ways, rendering them a fairly porous first line of defense against hackers.

This doesn’t appear to be dissuading us from using them, however, as data from the 2020 Thales Access Management Index reveals. Their study of around 400 senior IT decision-makers from across Europe and the Middle East, revealed that nearly 1 in 3 organizations still see the humble username and password as one of their most effective security tools.

Wedded to a failing method

What’s more, despite the late Fernando Corbato, the creator of the static password, regularly stating in recent years that passwords are a poor approach to security, the Thales data found that 67% of organizations are likely to grow their use of usernames and passwords in the years ahead. For many IT managers, this is because the username and password combination is very well known at board level, which makes it a much easier sell than any more complex, yet effective, methods.

The survey goes on to reveal that security concerns are growing across the EMEA region, with the majority of IT managers highlighting that unprotected infrastructure was their main concern. As a result, Thales believe that any organization relying on passwords to keep such important infrastructure secure are leaving themselves extremely vulnerable.

“As more and more businesses move to adopt cloud-based services for CRM, email, employee collaboration, and IT infrastructure as part of their digital transformation strategies, the struggle to extend old solutions, designed to protect internal resources, to the outside world becomes very problematic,” Francois Lasnier, Vice President for Access Management at Thales, says. “Often, in an effort to adapt to the new working habits of users connecting from anywhere, which is increasingly pertinent right now and will become standard moving forward, businesses tend to revert back to old password-based logins for cloud services in despair. This is knowingly increasing their security exposure to credential stuffing and phishing attacks.”

Security versus convenience

With the coronavirus forcing so many of us to work from home, often with quite ad hoc systems, there is a clear desire among many organizations to plump for convenience over security to ensure that their workforce can remain plugged in. This is reflected in the Thales data, with nearly 70% of IT managers revealing they had been put under pressure to ensure that convenient access to applications and cloud services was provided to employees. That they were also being pressured to ensure this access was given in a secure way underlines the challenges faced.

A common solution to this conundrum appears to be strong authentication and access management solutions, which nearly all respondents revealed they were using to facilitate cloud adoption in a secure manner. Over three-quarters of IT managers also thought that employee authentication needed to do more to support secure access to a wide range of services, whether in the cloud or on virtual private networks.

The strong support for passwords had prompted many IT managers to try and make them more robust. For instance, nearly all had updated their security policies around access management in the past year, with around half providing staff with specific training on access management. While this has roots in better security, there is also a strong compliance angle, with nearly all European IT managers citing GDPR compliance as a key factor in their attempts to bolster access management procedures.

It’s likely to be an ongoing battle, however, and IT managers hope that greater awareness of cybersecurity, and indeed the presence of IT executives on company boards, will encourage greater investment into things such as biometric authentication and smart SSO. Despite general optimism towards these technologies, many still believe the use of usernames and passwords will continue in the years ahead.

“For a long time, the biggest battle IT leaders have faced is increasing board awareness around taking the threat of security seriously,” Lasnier concludes. “Now that they have that buy-in, the focus should be on highlighting the importance access management plays in implementing a zero-trust security policy to their executive management. With this in place, risk management professionals will be able to put in place a ‘Protect Everywhere – Trust Nobody’ approach as they expand in the cloud.”

Share42TweetShareShare

Related Posts

Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Telegram app on mobile

Watch out: there’s a new Telegram scam about

15 January 2021
Email icon on laptop screen

How phishing attacks are evolving and why you should care

14 January 2021
Ransom message on laptop screen

Why ransomware attacks will explode in 2021

12 January 2021
Next Post
Black and white human brain divided in half into two parts in the middle.

Opinion: Why binary thinking is ruining your life

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    82782 shares
    Share 82771 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    60 shares
    Share 60 Tweet 0
  • Best alternatives to Gmail to protect your privacy

    407 shares
    Share 407 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Bitwarden Review

    0 shares
    Share 0 Tweet 0
Parler partially reappears with support from Russian technology firm

Parler partially reappears with support from Russian technology firm

19 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Facebook logo on a keyboard

Hungary mulls sanctions against social media giants

18 January 2021
Hackers leverage sophisticated and novel techniques to break into networks

Hackers leverage sophisticated and novel techniques to break into networks

18 January 2021
Health tracking on mobile

Is it healthy to track your fitness and wellbeing?

18 January 2021
Huawei logo display

Trump admin slams China’s Huawei, halting shipments from Intel, others

18 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!