You’ve trained your employees to be vigilant but passwords are still a sore point.
Employees reuse the same passwords, they use easy-to-hack passwords and they don’t keep them safe. Unfortunately, it’s easier to just accept this as fact. In any given business, it only takes one person for the above to apply and they compromise the entire network. Weak or stolen passwords are a top entry point for hackers. In a Microsoft 2019 survey of employees in Ireland, 44% of employees said they use the same password across multiple devices, and 38% recycle their passwords at work.
So, what are your options?
The short of it is you shouldn’t solely be relying on your employees to keep the keys to the Castle. Take action by implementing Microsoft Single sign-on (SSO). Your teams can use just one set of login credentials to conveniently access all their apps. With single sign-on you simplify the process for everyone, including yourself. No more memorising multiple credentials or reusing a password across apps, or worse, having them written down! And the administration of it is controlled from a centralised, single control panel to view, manage and secure all your user’s access, allowing you to determine who has access into the network, whether they are internal employees or external partners, permanent or temporary.
In addition to beefing up password security, use Multi-Factor Authentication to make it far more difficult for attackers to obtain and use stolen credentials. This is a way of ‘doubling up’ on security by asking a user to identify themselves to the company network. They will have to verify themselves using a code sent to their mobile phone, email address, or from an authenticator app. This ensures that if an unknown attempt is made to access your company’s network with the correct set of login details, they will have to additionally verify their self on an approved employee device to prove their authenticity. Facial recognition or fingerprints can quickly log in across devices, apps and browsers removing the need to remember a password.
These solutions are a great form of defence. But so is education. As stated, your biggest weakness into your network is your employees. More than 61% of hacking-related breaches are caused by stolen credentials*. And the reason? Because it’s actually quite easy to fall victim to a request for sensitive information. They’ve become more sophisticated and better disguised than the original set of Hotmail emails claiming to be Nigerian Princes. Now it’s Santander, HMRC and Royal Mail branded lookalikes making requests to your Accounts Payable team for immediate invoice details. They create a sense of urgency and panic. What’s more, it only takes one employee to compromise an entire network. Make sure the ‘human firewall’ at your business is sufficiently trained to spot suspect activity, phishing emails and other deceitful requests for company information and alert IT.
Thankfully, the solutions needed to tighten your business’s security are less drastic than you think, all it really requires is a simple shift in mentality. Start thinking about security without boundaries, and adopt a zero-trust policy. In such a model, all users and devices — both inside and outside the corporate network—are deemed untrustworthy until they prove otherwise. All KBS security products are created with a zero-trust mentality in mind; it forces the user to prove they have the right to access your Business network. It may sound extreme, but consider the cost? Security is as much a reputational priority as cash flow or quarterly earnings. It needs to be a foundational element of any Business, no matter how big or small.
We are all on a digital transformation journey. Now is the time to get the building blocks right, if you build the foundations to incorporate an agile security strategy, you set yourself up for future digital success. Speak to us today about our full range of security solutions included in our Basic, Business and premium security solutions.
*According to the Verizon Data Breach investigations report of 2021 https://www.verizon.com/business/resources/reports/dbir/