Marriott, Target, Home Depot and others have made headlines in recent years for data breaches that affected millions of customers. But did you know that 43 percent of breaches hit small businesses? Limited resources and lack of expertise often leave security gaps in smaller organizations, compounded by weak passwords and other risky practices.
For instance, in the Target attack, hackers stole credentials from a much smaller company in the retailer’s supply chain. They then used the stolen credentials to access Target’s network. Sadly, similar scenarios play out over and over again. And users make the job much easier for criminals by opting for convenience over security.
No business wants hackers in their system. But unfortunately, by continuing to allow weak passwords, they leave the welcome mat out and the door unlocked. Consider whether you have seen any of these common password mistakes in your business.
For instance, do multiple techs share passwords for privileged accounts or keep a list of passwords stored in a spreadsheet? Perhaps you or other employees re-use passwords to avoid trying to remember dozens of different credentials. These password practices may save some time in the short term, but they leave your business vulnerable to attack.
According to the most recent Verizon Data Breach Investigations Report (DBIR), compromised credentials play a factor in 80 percent of hacking-related data breaches. Cyber criminals exploit weak passwords in several different ways. Some of the most common include:
In addition, leaving passwords on sticky notes or in publicly available files leaves users and businesses open for more targeted attacks. Consider the password posted next to a server or PC. Anyone with physical access to the computer can then gain access to the network.
The Ponemon Institute reports that the average cost of a data breach has risen to $3.92 million. Add to that the inevitable damage to business reputation, and the loss can prove catastrophic for a small business.
Businesses that take steps to ensure against weak passwords significantly strengthen their defense against cyber attack. The Verizon report urges the use of multi-factor authentication and password managers. In addition, password policies should emphasize and enforce good password hygiene, particularly for privileged accounts.
The data security experts at eMazzanti have helped hundreds of small businesses implement comprehensive cyber security. We keep up-to-date on the latest developments in business security so that we can customize a solution built for your needs.
In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…
An email signature accomplishes much more than simply telling readers who you are and how…
Cyber security professionals work hard to safeguard companies’ information. But with criminals constantly changing their…
Domain-Based Message Authentication, Reporting, and Conformance (DMARC) is an e-mail security protocol designed to validate…
My job is to manage my law office’s cloud servers here at Justice Freaks. As…
My worst nightmare would be to date someone who isn’t who they say they are.…