Marriott, Target, Home Depot and others have made headlines in recent years for data breaches that affected millions of customers. But did you know that 43 percent of breaches hit small businesses? Limited resources and lack of expertise often leave security gaps in smaller organizations, compounded by weak passwords and other risky practices.
For instance, in the Target attack, hackers stole credentials from a much smaller company in the retailer’s supply chain. They then used the stolen credentials to access Target’s network. Sadly, similar scenarios play out over and over again. And users make the job much easier for criminals by opting for convenience over security.
No business wants hackers in their system. But unfortunately, by continuing to allow weak passwords, they leave the welcome mat out and the door unlocked. Consider whether you have seen any of these common password mistakes in your business.
For instance, do multiple techs share passwords for privileged accounts or keep a list of passwords stored in a spreadsheet? Perhaps you or other employees re-use passwords to avoid trying to remember dozens of different credentials. These password practices may save some time in the short term, but they leave your business vulnerable to attack.
According to the most recent Verizon Data Breach Investigations Report (DBIR), compromised credentials play a factor in 80 percent of hacking-related data breaches. Cyber criminals exploit weak passwords in several different ways. Some of the most common include:
In addition, leaving passwords on sticky notes or in publicly available files leaves users and businesses open for more targeted attacks. Consider the password posted next to a server or PC. Anyone with physical access to the computer can then gain access to the network.
The Ponemon Institute reports that the average cost of a data breach has risen to $3.92 million. Add to that the inevitable damage to business reputation, and the loss can prove catastrophic for a small business.
Businesses that take steps to ensure against weak passwords significantly strengthen their defense against cyber attack. The Verizon report urges the use of multi-factor authentication and password managers. In addition, password policies should emphasize and enforce good password hygiene, particularly for privileged accounts.
The data security experts at eMazzanti have helped hundreds of small businesses implement comprehensive cyber security. We keep up-to-date on the latest developments in business security so that we can customize a solution built for your needs.
The office worker of even 20 years ago could scarcely envision today’s dynamic and interconnected…
Artificial Intelligence (AI) has taken center stage, captivating attention primarily through its role in self-driving…
The ability to generate compelling, original images using AI is changing the way we think…
With Microsoft Dynamics 365 Sales, businesses gain a powerful tool for nurturing leads, leveraging AI-based…
Annual Channel Futures MSP 501 global ranking identifies industry’s best-in-class businesses on Tech Industry’s most…
Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. You engage with vendors…