A Fifth of Workers Would Sell Business Passwords, Per Study
A new study says that one in five employees would sell their work passwords, and of those nearly half would do so for a meager $1,000 or less. According to the survey of 1,000 office workers in private organizations of various sizes, conducted by the security company SailPoint, workers are "the weakest link when it comes to security."
Although this survey should be taken with a grain of salt -- the sample size is limited and the sponsor has an interest in heightening security fears -- let's take a look at what was found, as reported by Market Watch.
Password Problems
Perhaps you have instituted a password policy and you continually remind workers to use multiple passwords, not to repeat them, not to write them down, and to be extremely careful about entering the password in public places. But that doesn't mean anyone is following directions. According to the study, the survey found the more than half -- or 65 percent -- of all workers use only one password for all of their accounts.
The reason is ease of access, and a desire for efficiency that might otherwise be understandable and even admirable. Workers don't want to spend all day struggling with technology, recalling passwords, resetting them to access the system - they want to just do their work, even if it means disobeying the business's dictates.
SailPoint President Kevin Cunningham explains, "People know it's not good. Like smoking, they know it's not good for you, but they do it. They know it's not good to speed, but they do it," Cunningham says, comparing it to other bad habits. "I think we're seeing a big lag between awareness and implementation of good practices."
Improving Security
So what can you do to improve your workers' attitudes toward security? Continually reminding people of online security is important. But some experts believe that the solution lies in a password-free future and the government should prompt this technological revolution by banning passwords.
There has been a movement away from passwords for entry - some see the future of security in biometrics (like a fingerprint or eye scan), or passcodes (codes which are sent to user personal devices). Whatever the means, two law school professors -- one from George Washington University and the other from Stanford -- wrote a paper last year urging national authorities to ban the password.
Workers are not the only ones who are lazy about security. Many companies have poor password protocols for users and insufficient encryption. The professors wrote, ""The recent wave of data breaches shows that industry should be nudged so that standards can evolve," the report recommends. "Improved authentication is the ideal place for FTC intervention because there is an increasing consensus from industry and data-security experts that passwords alone are no longer sufficient for many kinds of users' accounts."
Get Guidance
If you are concerned about security, speak to a lawyer. Get guidance on what to do to make and keep your business secure.
Follow FindLaw for Consumers on Google+.
Related Resources:
- Browse Business and Commercial Lawyers by Location (FindLaw Directory)
- Why Even a Small Business Needs an HR Department (FindLaw's Free Enterprise)
- 5 Top Legal Tips for Online Businesses (FindLaw's Free Enterprise)
- 5 Legal Tips for Starting a Business (FindLaw's Free Enterprise)