Why consumer accounts need to consider their password security management just as much as enterprises
Consumers are as vulnerable as any enterprise to fraudulent activity – and preventing consumer security incidents can also benefit the enterprise
Much progress has been made in recent years by the security industry of the importance of protecting corporate accounts, and rightly so. Data breaches, which have become increasingly endemic over the course of the last decade, have disastrous effects on the businesses affected by them. This causes regulators to set huge, often terminal fines, causing a total collapse of a business’s reputation, and of course, it works to ensure that the pipeline for further cybercrime remains as well-stocked as ever.
This pipeline, however, is where the majority of ordinary people will feel the brunt of a data breach. The victims of security incidents – aside from the organisation involved – are the consumers and customers who end up caught in the middle of these incidents.
This issue is further compounded by the fact that once an individual’s PII (personally identifiable information) – email addresses, physical addresses, financial information – is compromised, it not only means that the account in question has fallen into the hands of individuals with malicious intent but also leaves other accounts in their name vulnerable due to the widespread failure of our most commonly used method of authentication: The password. A 2019 study from Google found that 13 percent of people reuse the same password across all accounts and a further 52 percent use the same one for multiple (but not all) online accounts. If one of your employees is included in these percentages, then even a breach of a separate account that they hold could lead to the compromise of their company account.
This kind of statistic should be particularly concerning to consumers and the organisations that provide consumer accounts. According to a 2018 blog by Dashlane, the average Internet user has over 150 accounts requiring password authentication. We know that, in reality, very few will be using a separate password for each of these. What’s more, the interconnectivity of so many consumer accounts, via the ‘sign in with Google’ function, or the ‘sign in with Facebook’ function, deployed by a lot of organisations is a further open-door policy for malicious activity.
So, what can be done? At Authlogics, we empower our users to take control of their password security management with The Password Breach Database, which is a treasure trove for security analysis, allowing us to use the 1 billion unique clear text passwords to develop trends and patterns found in data breaches that have exposed passwords. Using this, we can make inferences and judgments about the state of password security based on the associated data. This, in conjunction with our real-world password solutions, which encourage longer passwords and passphrases, reduce password sharing, allow for self-service resets and comply with global password standards, can help organisations to restore some order to the current chaotic world of passwords.
This solution can be deployed by the enterprise organisations working with consumers to help keep their’ s and the consumers alike to break the chain of the cybercriminal pipeline which is so well-stocked at present, preventing data breaches at their root cause, and keeping organisations and individuals alike safer when using passwords.
To find out more about how we can help, get in touch
Trusted by Governments and Enterprises Worldwide
Where protecting systems and information really matters, you
will find Intercede. Whether its citizen
data, aerospace and defence systems, high-value financial transactions,
intellectual property or air traffic control, we are proud that many leading
organisations around the world choose Intercede solutions to protect themselves
against data breach, comply with regulations and ensure business continuity.