With security becoming a prominent focus in recent months after a series of high profile data breaches, it seems strange to suggest that the trusty password is coming under threat.
But, until that happens, passwords are still very much a vital security practice.
We recently had the chance to speak to Alexis Fogel, Co-Founder of password management firm Dashlane, about cyber security practices and the benefits of having a password manager in place.
- An influx of devices has made it harder for firms to stay on top of their digital footprint. How can companies ensure they do stay on top and why is it important to do so?
Businesses must ensure they have the correct safeguards in place to protect against a breach. For example, implementing a sound password policy will considerably help shore up defences against this escalating global risk.
Currently over 90 per cent of passwords implemented in a business are susceptible to hacking, so there is a lot of education to be done.
They must also make sure that employees are sharing work passwords in a safe and secure way using an encrypted service as opposed to simply writing passwords down. With so many employees using a variety of devices of work, often their own, it also essential to use a system that can work across platforms and integrate BYOD devices will also to ensure there are no cracks in a company’s digital security.
- What makes Dashlane's password manager different from its competitors?
We believe our product provides users the cleanest and easiest to use interface on the market while working consistently across all major platforms. We wanted Dashlane to be something that everyone could use from early adopters to far less tech-savvy people.
We also wanted to create a product with truly unique features that provide real value. An example of this would be our Emergency feature, which allows you to define a trusted contact that can access your personal information in case something happens to you.
- What are the key benefits companies can get from using a password management system?
By using a password manager and eliminating the need to remember all your passwords, our users can have unique, complex codes for every one of their accounts. This means each employee within your organisation is as secure as they possibly can be online protecting company data that they have access to.
Our users also save a lot of time and energy because we automate many processes they do online numerous times every day. Things which previously took minutes, like remembering log-in details to online checkouts and forms, now take seconds with Dashlane. We calculated that heavy Dashlane users save around 50 hours a year on such tasks – more than a working week!
Another time-saver in the work environment is our password sharing feature, which allows employees to share work passwords seamlessly with one another. Work passwords can also be changed automatically across everyone’s system without the need for individual updates. Just think, no more searching for the Twitter log-in or trying to contact staff who have gone on holiday without sharing the correct log-in details for company services...
- What are companies doing wrong at the moment when it comes to security?
Putting considerable constraints on employees often leads to many of them bypassing them, so it’s important to find the right pragmatic balance between security and what is achievable within staff’s day-to-day work schedule.
Of course, advanced multifactor authentication systems will be necessary in certain lines of business for very sensitive data. However in most cases implementing a strong company-wide passwords policy will go a long way to securing your companies all-important data.
- With regards to cyber security in general, have you noticed a difference in approach between UK and US businesses/consumers?
I don’t think there is a different approach per se. What is evident is that businesses on both sides must improve the ways they manage this ever-growing cyber security risk.
The need for cyber-insurance strategies is becoming very clearer as companies recognised the need for proper protection. However, each business must first also take responsibility for providing their own layers of strong online security to ensure enhanced security against external threats.
- How have cyber-attacks developed over the last few years?
It’s clear that cyber-attacks have evolved and are now a constant threat to business, whatever the size of the company, be it a world-conquering conglomerate or a startup.
In 2014 alone, 81 per cent of large businesses and 60 per cent of small businesses suffered a security breach.
In a separate report on World Economic Global Risks 2015, cyber-attacks ranks above even natural catastrophes and state collapse – and only marginally below weapons of mass destruction – as a major risk in terms of likelihood and impact.
- What trends do you expect to see in the next few months and years?
It seems likely that there will be a growing adoption of solid and substantial cyber-security insurance schemes, as businesses recognise the growing threat and take all necessary precautions against a breach.
A UK government report recently revealed that when it comes to cyber insurance for cybercrime and attacks, a staggering 98 per cent of British firms aren’t covered. And 22 per cent of SMEs admit they “don’t know where to start” with online security. And even something as simple as password management has them scratching their heads. This is something that has to change.
As consumers become more familiar with sound online security practice, we will likely see wide-scale adoption of strong password policies, which will then filter into the workplace. With so much integration between our work and personal devices, it makes sense that both individuals and companies alike will adopt systems that work across all the whole spectrum of their online lives.
- What tips would you offer to small companies looking to be as secure as possible?
Due diligence will reveal there are efficient and cost-effective ways to ensure a business is not exposed to a breach. Increasing password security policies, for example, considerably boosts the security of any organisation.
Such a step can also help companies ensure strong security policies are being integrated throughout the workforce, especially when accounts are being shared amongst colleagues. Choose your partners carefully too, as breaches can often be the result of other connected security systems as well as your own.
At any rate, don’t tell yourself that you are too small to care about security. Most companies only tend to get serious about security after a breach. Why not put the necessary precautions in place and avoid the hassle.
More undoubtedly needs to be done to stop the threat of cyber-attacks. The good news is that a little common sense can help organisations of all sizes sure up their defences without splurging on hugely expensive premiums.