05 Jan Password protected – or your biggest threat?
As we move into the New Year, at KubeNet we’re reflecting on an eventful 2017, with an even bigger 2018 to come. With GDPR set to change the way businesses like yours gather, store and secure data, there’s no better time to take stock of what you need to do to help meet regulatory change, and of course to protect you against cyber crime – 2018’s other major challenge.
Here’s one simple step you can take to start the process.
At Kubenet, we see a lot of security issues and our specialist teams work with our customers to implement the latest in threat detection and prevention though our own managed service.
However, we are constantly disappointed and often amazed by the lack of attention paid to the first line of defence – the password.
What’s the problem?
Basically it’s people. A few days ago it emerged that even our Members of Parliament – who you would think would be completely security conscious – share their passwords with their staff so they can access documents and reports. They even give them to interns. So maybe the fact that so many leaks emerge isn’t a surprising as we might think. Plus, with the rise of mobile comes accessing wifi through hotspots. People love them. And so do hackers.
If you add to this the fact that in the last year millions of passwords have been stolen as part of data breaches – Equifax, Uber, and Talk Talk to name but a few, and you can see how cyber criminals can analyse passwords to create cracking tools that then affect the rest of us.
Last year, Keeper analysed 10 million of the hacked accounts to see what these passwords were. Here are the top 10.
Stunning, isn’t it? Almost 17% think 123456 is a secure password. And in at Number 8, it’s – password. Dictionary based cracking tools can undo these in nanoseconds. And the top 25 passwords accounted for 5 million off the 10 million sample.
The people factor
The simple fact is that people don’t like passwords. They find them difficult to remember, particularly if they are changed as frequently as they need to be. We’ve even seen people’s passwords on post–it’s stuck to their computer. Education your human firewall needs to cover not only their work networks access, but also their personal online activity too. With the rise of Bring Your Own Device, home working and shared accounts, it’s a critical aspect of security.
In the Top Ten, four are six characters or fewer. That makes them easier to crack. Even attempts at “unpredictable” passwords turn up again and again.
What can you do about it?
There are a number of things you can do. Educate your people. Get a Password Manager tool. And you can’t complain if you don’t enforce basic password policies.
The best thing you can do is to plan and to be ready. Our KubeNet Managed Firewall Service is a state of the art business class solution built for businesses like yours. KMFS protects your network from unauthorised access and other security threats. Hosted in secure carrier-class Data Centres, the service is provided as a virtual solution from a private cloud, on an IaaS basis. As such, you can benefit from the increased management, without the need for expensive capex & on-site maintenance fees – vastly reducing the total cost of ownership.
Find out more here. And don’t forget to Follow us on LinkedIn for our latest threat detection and prevention information.