- Almost half use the same password for everything at work
- 1 in 4 use a piece of basic personal info for work passwords
- Date of birth, pet and spouse names are most commonly used passwords
- 1 in 2 workers say they know at least 1 colleague’s password
BRITISH businesses are running the risk of being hacked and having confidential data leaked, due to a laissez-faire attitude towards digital security.
The news comes at a time when cyber threats are at an all-time high, GDPR legislation is coming, and businesses are exposing themselves to significant fines and risk reputational damage as a result.
A survey of 1,012 respondents commissioned by www.Probrand.co.uk has revealed that nearly 1 in 2 (46%) admitted they have the same password for everything at work.
And 1 in 4 admit they use an easily researched piece of information as the basis of their password.
Date of births were the most common easily guessable password used for digital accounts, with 37% admitting to doing this.
This was closely followed by spouses’ names, which form the basis of at least one work password for 22%.
And 1 in 5 (18%) rely on their children’s names as memorable but insecure passwords.
But British companies are not only risking hackers and external parties being able to guess workers’ passwords by doing basic research – they are also failing to carry out basic practices that can make business information more secure.
Just 1 in 4 (24%) workers say their company changes passwords for key digital accounts and services when a member of staff leaves employment – meaning that many businesses could be at risk of former employees continuing to access confidential company information.
Matt Royle, Marketing Director, Probrand, said: “It’s quite alarming how lax attitudes seem to be towards online security within many UK businesses – even when big companies suffering large scale security breaches are making headlines on a regular basis. The reputation and financial damage simply isn’t worth the risk. Cyber breaches are now considered a business disaster and the disruption caused can put companies out of business.
“It is vital that businesses protect their information, get policies and processes in place to protect their data as well as undertake business continuity and disaster recovery (DR) planning and testing.
“The humble password is still a major exposure point for many. Simple policies can force password resets and more complex password make-up that includes upper and lowercase letters, symbols and numbers. Password vaults also protect and restrict sharing.
“For additional security, modern approaches to access now include Two Factor Authentication, where a second randomised passcode is sent to the user via a smartphone for unique input.”
Shockingly, just under 1 in 10 (8%) admit they don’t even have a password protecting the computer or laptop they use for work – meaning external parties could easily access company information.