46% of IT, security, and cybersecurity leaders say they still store passwords in shared office documents. That’s despite an overwhelming 93% of respondents that require password management training, with 63% holding training more than once per year, according to a survey conducted by Pulse on behalf of Hitachi ID.
“It raises an important question about how effective password management training is when nearly half the organizations are still storing passwords in spreadsheets and other documents, and 8% write them on sticky notes,” said Nick Brown, CEO at Hitachi ID.
“Insecure passwords are still a leading cause of cyberattacks, and education alone is clearly not enough. More companies need to follow the lead of the 30% who report that they store passwords in a company-provided password manager.”
The survey suggests many organizations know their secret and password management isn’t up to par. When asked whether an employee leaving the company could take passwords with them, only 5% say they were extremely confident that wasn’t possible. If they have to urgently terminate an employee, only 7% of leaders are extremely confident they can transfer passwords and credentials, terminate access, and maintain business continuity.
That lack of confidence has real-world implications. Some 29% of respondents say they’ve experienced an incident in the past year where they lost access to product systems after an employee left the organization.
“In the midst of the Great Resignation, every organization should be extremely confident that passwords will stay in the company regardless of which employees come and go,” said Ian Reay, VP, Product Management at Hitachi ID.