Does your password let you down?
2002-04-08 - cnn.com
LONDON, England -- They may be random and private, but a lack of originality by employees when choosing computer passwords is putting companies' secrets at risk.
According to a study, employees fail abysmally when it comes to securing confidential information.
In a survey carried out by an international online security company, 60 percent of employees knew little of security awareness, while 90 percent admitting to opening or executing a "dangerous" e-mail attachment.
Pentasafe Security Technologies Ltd have questioned nearly 15,000 staff at almost 600 organisations across Europe and the United states.
It found that 25 percent of employees would opt for a word as simple as "Banana" as a safe and acceptable password -- even though it would take a hacker seconds to break into a corporate network using it.
In addition, two-thirds of security managers feel the overall level of security awareness in their organisation is either inadequate or dangerously inadequate.
Almost 50 percent of employees said that they had never received any formal security awareness training, with a third of organisations not requiring their workers to read security policy statements.
David Blackman, PentaSafe's Marketing Director said "Companies are clearly failing to protect their most valuable asset -- their information.
"Companies will train staff how to sell, but they are selling themselves short by a lack of security training."
Financial institutions, healthcare providers and public sector organizations performed only slightly better than the communications industry which produced the worst results.
According to a recent British study, passwords are often based on something obvious.
Around 50 percent of computer users base them on the name of a family member, partner or a pet. Thirty percent look to a pop idol or sporting hero.
Pentasafe has used the information to create its Security Awareness Index (SAI), which will allow businesses to benchmark their own levels of security against other companies.
Blackman added "The report is being used worldwide to identify areas for improvement and empirical support to justify any expenditure."