Half of UK companies admit that business user accounts in their organisation are ‘not very secure' largely due to their reliance on passwords as a digital ID credential. And among the culprits were the majority of sysadmins of whom 86 percent use only the most basic username and password authentication to access and protect their main business account on-site.
Other key findings of the research conducted by by Vanson Bourne in July 2017 for Intercede include the worrying statistic that 17 percent of system administators fail to even use complex passwords – something consumers are continually warned about.
Retail was found to be the worst offender with 92 percent of those with systems administrator access at retailers still using passwords as the primary form of access, followed by manufacturing at 82 percent.
Even in the more advanced financial services sector just a quarter of companies are using alternative, more secure, methods including virtual smart cards and PINs.
With 81 percent of hacking related breaches exploiting stolen or weak passwords Intercede describes user authentication as the weakest link in the security chain. Richard Parris, CEO and chairman of Intercede commented: “Sysadmins effectively hold the ‘keys to the kingdom', and relying on username and password authentication is a bit like relying on a basic Yale lock to secure your front door. Even the least security conscious of us also bolt the door with a five lever mortice lock and many go much further. In today's age of the hack, when compromised passwords are the root of the vast majority of security breaches, UK businesses clearly need to do much more – it isn't simply their data that is compromised, it's ours.”