Skip to main content

Organisations doing password security in a risky way

(Image credit: Image source: Shutterstock/Ai825)

Organisations understand the dangers of passwords to their security posture, but it seems they are taking the wrong approach to solving the problem. 

This is according to a new report by LastPass and Ovum, which is saying that organisations are focused on technology based on features and policy and not the user.

More than half of IT execs rely on users to keep themselves safe, which LastPass and Ovum consider a risky approach. Three quarters of IT execs don’t control all cloud-based apps their employees use. Most realise the lack of control, but are doing very little to address it.

Also, three quarters (76 per cent) regularly experience problems when using passwords, and almost a third need the support of the help desk at least once a month.

“This research has clearly identified there is an urgent need to close the password security gap,” said Andrew Kellett, principal Analyst, infrastructure solutions at Ovum.

“Far too many organisations are leaving the responsibility for password management to their employees and don’t have the automated password management technology in place to identify when things are going wrong.”

“In many cases, an organisation’s password management practices are overly reliant on manual processes and far too often place an excessive level of trust in employees to use safe password practices”, said Matt Kaplan, GM of LastPass. 

“The threat posed by human behaviour coupled with the absence of technology to underpin policy is leaving companies unnecessarily at risk from weak or shared passwords. Organisations need to focus on solving for both obstacles in order to significantly improve their overall security.”

Image source: Shutterstock/Ai825