Australian Government Security Audit Shows Why Your Business Needs A Password Manager

By

Password Manager Blog

 

Released earlier this week by the state’s auditor general, a Western Australian government security audit revealed that 26% of its officials had incredibly weak and easily guessable passwords. More than 5,000  of the 234,000 passwords across 17 government agencies included the word “password”.

Western Australian Government Password Audit

This included 1,464 people using “Password123”, 812 using “password1” and 176 using “abcd1234”. Close to 13,000 people used different variations of the season and date, with a staggering 7,000 including “123”.

While this can seem ridiculous and in some cases even funny, there were very serious potential outcomes as a result of this. The report found that a significant amount of these accounts are used to access very important information, as well as vital government systems. One such case showed that auditors were able to gain access to a government agency’s network with full administrative privileges by guessing the password “Summer123.”

The report found that, in most agencies, no help or support was given to users to store their information securely. As a result, some employees were storing passwords in Word documents and spreadsheets.

It’s understandable why people attempt to simplify their workplace access by using a simple or singular password – the average enterprise uses 91 services (Skype, Slack, OneDrive, Social channels, CRM, Marketing software, Sales automation, Website etc.). However, a staggering 81% of breaches are caused by weak or reused passwords. With more accounts than you can possibly recall, how are you supposed to remember strong, unique passwords for all of them? The simple answer is you can’t – but a password manager can.

What is a Password Manager?

A password manager is an application that creates, remembers and automatically fills in your passwords for you. Log in to an account one time, or manually add log in information to your password manager, and it will automatically store your username and password. All your passwords are stored in an encrypted format, which means they’re safe and protected. A password manager provides fast, secure and easy access to all your stored passwords with the help of a single master password.

A password manager can be incredibly beneficial for any business that wants to boost security, simplify the onboarding and offboarding process, as well as help employees manager their passwords more effectively.

Why is this important?

Simple Onboarding and Offboarding

A simple onboarding and offboarding process helps your organisation save time and money. Likewise, when an employee leaves your company, it is important that your password manager has the ability to revoke their access to work related passwords and data. According to a SailPoint Market Report, more than 2 in 5 employees reported have access to a variety of corporate accounts after leaving their last job.

The report concluded that an efficient onboarding and offboarding process helps prevent some of the internal security risks with provisioning and application usage.

Passwords are essential

No one needs to be told that passwords are important – we all know this. But it’s important to remember that your password is your first line of defence. Put simply, no matter what service it is that you’re using, the security is often times only as good as the password that you’ve set.

Making a very strong password is often complicated. A password manager really takes a lot of the pain out of the process and makes an often complicated and time consuming process simple and easy. A password manager does this by creating and remembering a new, strong and complex password for you that is much stronger than anyone could come up with.

Unique

Creating a solid, complex and secure password is great – but if it’s not unique it’s pointless, which is so often overlooked.

A site or application’s security is only as good as the password you use, which means a site’s security could be worse than your password! If you’re using the same strong password across multiple sites, accounts and applications, then those sites and services with inadequate security could endanger your information in places that are serious about security.

Account volume

Lets face it – you have more accounts than your team can handle, we all do. The average organisation uses 91 services, which means that even if you created unique passwords for all of them, you’d never be able to remember them all.

One study found that people had an average of 37 password reset emails in their inboxes. 37 times someone forgot their password. 37 times someone had to undergo the tedious reset password process and create a brand new unique password.

With an enterprise level password manager, the need to reset passwords is completely removed. Likewise, when one person forgets the password, they aren’t resetting an account password that everyone else then needs to update.

Simplicity

Password managers significantly increase your security while also simplifying your life… how often does that happen!?

A password manager requires you to remember a single password – that’s it – then it does the rest. No more trying to remember if it was a capital letter in this password, or a 3 instead of a capital E – and best of all, no more password resets!

 

You can learn more about why your business needs a password managerhow to create a strong password or how to protect yourself against email threats.

 

For over 15 years eStorm Australia has been partnering with business, education and government as their trusted Managed IT Services provider and single source supplier. Our team of specialists deliver superior on-site and remote services tailored to suit your specific requirements.

Call us today on (07) 3120 0640 or email us at [email protected].

 

News story source: The Washington Post