New Study Reveals Password Vulnerabilities and Concerns

Apr 24, 2007 3:23 PM

A large percent of IT and security executives across different industries have a growing concern over the use of password security, as more sophisticated network threats and breaches continue to evolve, according to findings of a new research initiative by DigitalPersona, Redwood City, Calif.

The study, titled "Secure Your Network Assets," was conducted in conjunction with the Business Performance Management (BPM) Forum, an organization that helps advance the understanding of business performance management techniques, technologies and processes in global enterprises.

The research collected responses from IT and security professionals to demonstrate that password security issues, especially the sharing of passwords among colleagues, can be critical or disastrous to a company and lead to network data breaches.

In addition, while concern around compliance has escalated, a majority of organizations admitted that they do not have a formal security system or policy in place and are not prepared for compliance regulations.

According to the study, 73 percent of respondents indicated that password security has become a bigger issue over the last year, and 77 percent stated that a network data breach could be critical or disastrous to their company.

The study suggests that leading executives are considering new types of enterprise authentication solutions, including fingerprint biometrics, which is by far the top consideration. This might be attributed to the fact that fingerprint authentication enables ease-of-use with increased productivity, a combination that topped the list of security priorities in the study. Twenty-eight percent of the companies interviewed currently have fingerprint readers in notebooks or desktops, and 80 percent expect to spend the same or more than last year on biometrics solutions.

"Executives are increasingly concerned with the misuse of passwords among colleagues and the growing danger of internal and external threats to the network," says George Skaff, vice president of marketing for DigitalPersona.

The survey also found that:

- 83 percent of IT and security executives say that security compliance and governance are important, yet less than half of respondents have any formal security system or policy in place to create an electronic audit trail;

- 68 percent of C-level executives say network passwords have been exchanged with colleagues in their firm;

- 60 percent said that they or someone in their organization have given a network password to a colleague while two-thirds of the participants said that 25 percent or more of employees at their firm have access to information that could compromise the company if stolen or exposed;

- 40 percent said that half or more of their employees access confidential information with passwords, smart cards or tokens.

With enterprise security breaches on the rise, companies must do more to stop the sharing of passwords among colleagues and put formal systems in place to meet security compliance and governance mandates, the study shows.

Companies remain challenged, however, to achieve full adoption of the biometrics solutions in place. The study found that less than half of those respondents whose companies have fingerprint biometrics (often embedded in laptops) are utilizing the technology.

"While respondents acknowledged they have laptops with embedded fingerprint readers, we found that many of these point solutions are not being utilized," Skaff says. "Companies are looking for enterprise server-based authentication solutions that enforce policies and manage the client software for these notebooks."

Want to use this article? Click here for options!
© 2009 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue