It’s time to rejuvenate your password security! Take action to update and refresh your passwords, regardless of any suspicions of compromise or potential vulnerabilities. This is of utmost importance, even if you rely on a physical method like jotting them down on paper or using numerous sticky notes instead of a password manager.
Considering the recent breach and previous incidents in 2022, it’s highly probable that some of your employees have at least one or more passwords exposed in the wild. Blaming LastPass or any other specific service is irrelevant. If someone has been using the same password for over a year, they are likely endangering both themselves and the company.
It’s also crucial to reassess your reliance on password managers. Do you really want to entrust all your passwords to a single vendor? There may have been a time, around 5-7 years ago, when using password managers seemed exceptionally convenient and secure. However, the LastPass breach clearly demonstrated that even the most seemingly foolproof systems have their flaws and can be hacked.
Managing employee access
To take your security measures to the next level, prioritize ongoing employee training to empower your teams in recognizing and avoiding phishing and malware tactics. The behavior of users within organizations has repeatedly proven to be a major vulnerability, often resulting in exposed credentials.
In 2022, at least two studies indicated that employee errors or mistakes were responsible for either 88% or 95% of data breaches. Regardless of the exact figure, it is an alarmingly high percentage that cannot be overlooked. Moreover, this number is likely to increase unless organizations reconsider how they provide and manage access to critical systems. In many cases, employees have access to resources that are unnecessary for their roles.
Therefore, it is essential to invest in continuous training programs and raise awareness among your staff. By educating them about the risks, teaching them to identify and avoid common threats, and regularly reinforcing security best practices, you can significantly reduce the likelihood of data breaches and strengthen your organization’s overall security posture.
Give us a call at 732.780-8615 or email [email protected] to discuss how we can get your employees started in our Security Awareness Training and Phishing Simulations today!
Excerpt taken from Rick Grinnell, “Fresh start: Time to reset passwords and rethink your password management strategy”, www.cio.com, Feb. 7, 2023