British businesses are running the risk of being hacked and having confidential data leaked, due to a laissez-faire attitude towards digital security.
The news comes at a time when cyber threats are at an all-time high, GDPR legislation is coming, and businesses are exposing themselves to significant fines and risk reputational damage as a result.
A survey has revealed that nearly 1 in 2 admitted they have the same password for everything at work, while 1 in 4 admit they use an easily researched piece of information as the basis of their password.
Date of births were the most common easily guessable password used for digital accounts, with 37 per cent admitting to doing this. This was closely followed by spouses’ names, which form the basis of at least one work password for 22 per cent and 1 in 5 rely on their children’s names as memorable but insecure passwords.
British companies are not only risking hackers and external parties being able to guess workers’ passwords by doing basic research – they are also failing to carry out basic practices that can make business information more secure.
Just 1 in 4 workers say their company changes passwords for key digital accounts and services when a member of staff leaves employment – meaning that many businesses could be at risk of former employees continuing to access confidential company information.
Matt Royle, Marketing Director, Probrand, said: “It’s quite alarming how lax attitudes seem to be towards online security within many UK businesses – even when big companies suffering large scale security breaches are making headlines on a regular basis. The reputation and financial damage simply isn’t worth the risk. Cyber breaches are now considered a business disaster and the disruption caused can put companies out of business.
“It is vital that businesses protect their information, get policies and processes in place to protect their data as well as undertake business continuity and disaster recovery planning and testing.
“The humble password is still a major exposure point for many. Simple policies can force password resets and more complex password make-up that includes upper and lowercase letters, symbols and numbers. Password vaults also protect and restrict sharing.
“For additional security, modern approaches to access now include Two Factor Authentication, where a second randomised passcode is sent to the user via a smartphone for unique input.”
Shockingly, just under 1 in 10 admit they don’t even have a password protecting the computer or laptop they use for work – meaning external parties could easily access company information.