A majority of small businesses don’t have the funds to deal with the aftermath of a cyberattack, which have an average price tag for small and medium-sized businesses (SMBs) of $1.43 million US, up 33% from 2017.
Many business owners hope they can fly under a hacker’s radar, but statistics show that’s not the case.
Small businesses are one of the biggest targets for data breaches, often because they have lax password security. Today’s small business owners face multiple technology-related threats that can put their company’s well-being in danger.
Addressing them with a holistic approach and Managed IT Security is the best way to defend against them. While there are many technology solutions, like sandboxing, end-point security, and anti-malware programs, one often overlooked key to good cybersecurity is proper password strength and management. The following surprising statistics will show you just how important password security is to your overall IT security.
Statistics on Password Security You Need to Know!
You can have the most robust software in the world, but if a password gets hacked, it’s like giving a cybercriminal an open invitation to your network and devices. We’ve reviewed the report, “2018 State of Cybersecurity in Small & Medium Size Businesses” by Ponemon & Keeper Security, as well as some other prominent sources and found several worrying statistics that your company needs to know about to reduce your risk of a data breach. Password security is perhaps one of the most vital pieces of any good IT security plan, as backed up by the following facts.
81% of Data Breaches are Due to Poor Password Security
The main way that networks are compromised by malicious malware, viruses, ransomware, and other breach vehicles is through weak passwords that are either stolen or hacked. Imagine if you could reduce your chance of a data breach by 81%, you’d want to know how, and it turns out it’s as simple as using password best practices. What are some of the “best practices” for handling the hundreds of passwords your office users are inputting each day?
- Ensuring passwords are at least 7-10 characters in length
- Using a combination of numbers, letters, symbols, and upper and lower-case letters
- Using two-factor authentication to secure logins
- Not using the same password for multiple applications
- Changing passwords regularly
- Not writing your password down and keeping it near the device
- Using a well-respected password management tool
54% of SMBs Don’t Have Visibility into Employee Password Practices
While a majority of small businesses (62%) say they rely on strong password practices to reduce their risk of a cyberattack, over half of them say they don’t know or aren’t sure if they know how their employees are handling their passwords. This is not uncommon and reveals a huge gap in the cybersecurity strategy of many businesses. Do you know what policies your employees are following when it comes to creating and storing passwords for logins to company applications?
Only 22% of Companies Require Use of a Password Manager
We know that we shouldn’t use the same login for multiple programs, yet many still do it even though it’s a big security risk. Why? Because it’s nearly impossible for one person to remember the average of 90-130 passwords they use regularly, especially if they’re all strong passwords and all different. Here are the top three ways employees are currently handling password management:
- Human memory (53%)
- Leads to the use of weak passwords and reusing them multiple times
- Spreadsheets (51%)
- Easily hacked, revealing multiple passwords in one document
- Writing on paper or a sticky note (30%)
- Allows a thief into a device immediately, because they’re often placed on or near the device that they’re used with
Password managers offer a way to significantly increase password security, yet only 22% of SMBs are using them.
69% of Employees Admit to Sharing Passwords with Colleagues
Instead of treating passwords like you would the key to your home or automobile, people tend to treat them as less important and thus 69% say they share them with colleagues for account access. When it comes to good password security, it’s about more than just the mechanics of cybersecurity. It’s also about the mindset that a password is the only thing protecting your data, customer files, and financial records from theft and potentially from a devastating data breach. Companies that have a mindset that includes how important login credentials are, tend to instill those practices in their employees.
71% of Companies Considered High-Performing Use Strong Passwords
The top performing companies place a premium on strong passwords and/or biometrics to help reduce the chance of a credential breach which could lead to a data breach of their system. These high performers tend to fully understand the importance of good password management, which helps to ensure they’re staying productive rather than dealing with stolen or hacked passwords. They see good password security as a “vital part” of their organization’s overall security defense, understand that small businesses are no less likely to be a target of ransomware than larger ones, and know that they need a multi-pronged approach to reduce risk.
Sign Up for Holistic Managed IT Security
Managed IT Asia helps small businesses look at all facets of a strong cybersecurity defense. This includes password security and management as well as multiple other factors that combine to reduce the risks of a costly data breach.
Sign up for your free IT security consultation today! Use our webform or call +65 6748 8776.
MANAGED IT ASIA, we are an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses across Asia. Call us at +65 6748 8776 and let us manage your Small Business IT today!