Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comFirm Insights
Getting Employees (Through Training) on Board Is Key to Data Security
Author: Scarinci Hollenbeck, LLC
Date: April 21, 2015
Key Contacts
Back
Would your employees sell their business passwords to a third party for a measly $150? While most employers would likely respond with a resounding “NO,” such confidence may not be so justified when it comes to data security.
Survey Reveals Lax Password Management
A recent survey found that many employees are still not taking data security very seriously. SailPoint’s 7th Annual Market Pulse Survey polled 1,000 employees at large organizations across Australia, France, Germany, the Netherlands, the United Kingdom, and the United States. Among the password study’s most notable findings:
- More than 50 percent of workers surveyed reuse passwords for personal and corporate applications. On average, they only use three passwords for all of their logins.
- One in seven would sell their passwords to a third party, some for as little as $150.
- Of those surveyed, 20 percent share their passwords with fellow employees.
- One in five respondents have fallen victim to a high-profile data breach.
- Despite their actions in the workplace, 20 percent of respondents would stop doing business with a company that placed their data at risk.
“Employees may have moved away from the post-it note password list, but using the same password across personal and work applications exposes the company,” said Kevin Cunningham, president and founder of SailPoint. “Just think of the major breaches that occurred in 2014 requiring users to change their passwords on social media. If those were the same passwords being used to access mission-critical applications, it’s very easy for hacking organizations to take advantage and get into more valuable areas.”
Steps to Improve Password Protection
Many employees use a number of passwords on a daily basis, and it can be tempting to create one login that works across the board. Unfortunately, hackers are aware of this vulnerability and are increasingly using passwords from soft targets like social media to gain access to sensitive corporate data. To address these data security risks, there are steps that businesses can take:
- Implement and enforce a policy that prohibits reusing corporate passwords on third-party sites.
- Train employees regarding the risk of password reuse and how to safeguard their corporate credentials.
- Require employees to change their corporate credentials every 90 days.
- Immediately remove old passwords so that former employees cannot access your systems.
- Install password management software and other tools that regulate/automate the use of corporate passwords.
The SailPoint study should certainly be eye opening for employers. The bottom-line — if you don’t already have strong password policies in place, you could be exposing your company to significant liability.
Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below and follow the twitter accounts @CyberPinguelo and@eWHW_Blog. If you have any questions about this post or would like assistance with your legal needs, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).
- Practices: Public Employment Law
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Related Posts
See all
Does Your Homeowners Insurance Provide Adequate Coverage?
Your home is likely your greatest asset, which is why it is so important to adequately protect it. Homeowners insurance protects you from the financial costs of unforeseen losses, such as theft, fire, and natural disasters, by helping you rebuild and replace possessions that were lost While the definition of “adequate” coverage depends upon a […]
Author: Jesse M. Dimitro
Understanding the Importance of a Non-Contingent Offer
Making a non-contingent offer can dramatically increase your chances of securing a real estate transaction, particularly in competitive markets like New York City. However, buyers should understand that waiving contingencies, including those related to financing, or appraisals, also comes with significant risks. Determining your best strategy requires careful analysis of the property, the market, and […]
Author: Jesse M. Dimitro
Fred D. Zemel Appointed Chair of Strategic Planning at Scarinci & Hollenbeck, LLC
Business Transactional Attorney Zemel to Spearhead Strategic Initiatives for Continued Growth and Innovation Little Falls, NJ – February 21, 2025 – Scarinci & Hollenbeck, LLC is pleased to announce that Partner Fred D. Zemel has been named Chair of the firm’s Strategic Planning Committee. In this role, Mr. Zemel will lead the committee in identifying, […]
Author: Scarinci Hollenbeck, LLC
Novation Agreement Process: Step-by-Step Guide for Businesses
Big changes sometimes occur during the life cycle of a contract. Cancelling a contract outright can be bad for your reputation and your bottom line. Businesses need to know how to best address a change in circumstances, while also protecting their legal rights. One option is to transfer the “benefits and the burdens” of a […]
Author: Dan Brecher
What Is a Trade Secret? Key Elements and Legal Protections Explained
What is a trade secret and why you you protect them? Technology has made trade secret theft even easier and more prevalent. In fact, businesses lose billions of dollars every year due to trade secret theft committed by employees, competitors, and even foreign governments. But what is a trade secret? And how do you protect […]
Author: Ronald S. Bienstock
What Is Title Insurance? Safeguarding Against Title Defects
If you are considering the purchase of a property, you may wonder — what is title insurance, do I need it, and why do I need it? Even seasoned property owners may question if the added expense and extra paperwork is really necessary, especially considering that people and entities insured by title insurance make fewer […]
Author: Patrick T. Conlon
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Getting Employees (Through Training) on Board Is Key to Data Security
Author: Scarinci Hollenbeck, LLC
Would your employees sell their business passwords to a third party for a measly $150? While most employers would likely respond with a resounding “NO,” such confidence may not be so justified when it comes to data security.
Survey Reveals Lax Password Management
A recent survey found that many employees are still not taking data security very seriously. SailPoint’s 7th Annual Market Pulse Survey polled 1,000 employees at large organizations across Australia, France, Germany, the Netherlands, the United Kingdom, and the United States. Among the password study’s most notable findings:
- More than 50 percent of workers surveyed reuse passwords for personal and corporate applications. On average, they only use three passwords for all of their logins.
- One in seven would sell their passwords to a third party, some for as little as $150.
- Of those surveyed, 20 percent share their passwords with fellow employees.
- One in five respondents have fallen victim to a high-profile data breach.
- Despite their actions in the workplace, 20 percent of respondents would stop doing business with a company that placed their data at risk.
“Employees may have moved away from the post-it note password list, but using the same password across personal and work applications exposes the company,” said Kevin Cunningham, president and founder of SailPoint. “Just think of the major breaches that occurred in 2014 requiring users to change their passwords on social media. If those were the same passwords being used to access mission-critical applications, it’s very easy for hacking organizations to take advantage and get into more valuable areas.”
Steps to Improve Password Protection
Many employees use a number of passwords on a daily basis, and it can be tempting to create one login that works across the board. Unfortunately, hackers are aware of this vulnerability and are increasingly using passwords from soft targets like social media to gain access to sensitive corporate data. To address these data security risks, there are steps that businesses can take:
- Implement and enforce a policy that prohibits reusing corporate passwords on third-party sites.
- Train employees regarding the risk of password reuse and how to safeguard their corporate credentials.
- Require employees to change their corporate credentials every 90 days.
- Immediately remove old passwords so that former employees cannot access your systems.
- Install password management software and other tools that regulate/automate the use of corporate passwords.
The SailPoint study should certainly be eye opening for employers. The bottom-line — if you don’t already have strong password policies in place, you could be exposing your company to significant liability.
Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below and follow the twitter accounts @CyberPinguelo and@eWHW_Blog. If you have any questions about this post or would like assistance with your legal needs, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).