EDITOR’S QUESTION
SHOULD BUSINESSES
AND ORGANISATIONS
BE DOING MORE
TO STRENGTHEN
PASSWORD SECURITY?
//////////////////////////////////////////////////////////////////////////////////////////////////////////
L
astPass by LogMeIn, a leader in
password management, has released
its 2018 Global Password Security
Report, revealing true password behaviours
in the workplace and creating a benchmark
that businesses can use to measure
progress when investing in password
security tools.
The global report, which analysed
anonymised data in more than 43,000
companies of all sizes, industries and
geographies using LastPass as their business
password manager, draws a precise picture
of password management for the business
IT community.
Two benchmark scores are highlighted in the
report: The LastPass Security Score and the
LastPass Password Strength Score.
Data from the report reveals that
while businesses are making strides in
strengthening password security, there’s
more work to be done – with the average
password security score of organisations
found to be 52 out of 100.
“Security professionals often fail to consider
the value of the first factor of enterprise
authentication – the password.
“Despite the sophisticated security measures
enterprises are putting in place, something
32
INTELLIGENTCIO
as fundamentally simple as a password
is tripping them up,” said Frank Dickson,
Research Vice President, Security Products
at IDC.
“Having a security benchmark such as
what LastPass has provided with this
report will help enterprises quantify their
password risk, compare how they stack up
to enterprises of similar size and gauge the
effectiveness of their enterprise password
management deployment.”
Additional key findings include:
Technology industry is leading the
pack in password security
The highest average security scores are in
the technology industry (53). This is not
surprising due to the privacy and data laws
with which most must comply.
What is surprising is that heavily regulated
industries like banking, health, insurance
and government are not achieving
comparable (or even superior) average
security scores:
•
•
•
•
•
Banking: 49
Health: 49
Insurance: 47
Retail: 48
Government: 49
Multi-factor authentication is
gaining in popularity
As concerns about password security grow,
multi-factor authentication is an increasingly
favoured way to protect an organisation. A
total of 45% of businesses use multi-factor
authentication, which represents a significant
increase from last year’s 24.5%. Again,
the technology sector leads the pack with
31% adopting multi-factor authentication.
Whether it’s a greater awareness of available
options or a stronger culture of security,
organisations in the technology sector are
prioritising extra protection:
•
•
•
•
•
Banking: 16%
Health: 3%
Insurance: 3%
Retail: 13%
Government: 2%
The bigger the company, the lower
the security score on average
Organisations with less than 25 employees
had the highest average security score of
50 and the average drops as the company
size increases. More employees bring more
passwords and unsanctioned apps, as well as
extra opportunities for dangerous password
behaviours. In larger organisations, it’s
simply more challenging for IT to hold all
employees to password security standards.
www.intelligentcio.com