Your Passwords are Not Secure
You have secrets. We all do. Yesterday, they were protected by a seven-digit password. Today, they are unlocked and might be used to hurt you. Your Credit Card number. Your email. Your bank account.
You think your secrets are safe online, but they are being targeted on a massive scale by people who range from a network of professionals to a bored fifteen-year-old with nothing better to do than ruin your life.
In daily life, you can watch your phone, keep your wallet close, and lock your car after parking. You don’t leave valuables on a cafe table in a means to protect what you value. However, your digital life is available 24/7. Even when you are sleeping, it exists. And unlike your ability to determine a shady character on the street, in your digital life, you have no awareness of who is lurking around the corner to harm you.
So you create passwords – strong ones – to protect yourself.
In years past, online passwords have worked just fine because they have had less to protect. A complex password with a range of characters, symbols, and numbers would protect your online profile and email account just fine. These days, the stakes are higher. Entire lives are online, both personal and business. You have a digital life running alongside your own, one you have little control over.
Here’s the secret about passwords: If they’re good enough to protect you. You won’t remember them.
So you write them down, keep them in a folder, put them in your emails, or on a spreadsheet. Similar to driving a brand new car out of a dealership, once a password is in the hands of a person, it’s devalued. Instantly. Because you are only human. Perhaps you clicked on something without noticing online, and your computer is now affected with malware that records passwords, or a virus that steals information and feeds it back to the very people out to gather your secrets.
In one form or another, the Internet holds most your secrets. Some of which you haven’t even tried to protect. Things that we think are private are accessible to anyone with a motive. Your name, email, and home address is common knowledge. Your date of birth is on Facebook. A hacker might find your mother’s maiden name online at ancestery.com.
In this digital world, technology is fast surpassing a password’s ability to protect us.
Email addresses are used universally as usernames, creating a huge point of weakness just waiting to be exploited. Once a hacker has access to your email account, with the forgotten password link and five minutes, other accounts such as Amazon, Netflix, Ebay, even Paypal are in their hands. A hacker just needs one account to gain entry to them all, destroying your digital life in a few minutes. They could wipe everything off every one of your devices – data, photos, important information, years of emails – gone in the time it takes you to make a cup of tea.
What about corporate passwords?
What about your business? Your livelihood, your startup, or your well-established company moving towards being boundaryless, paperless, and in the cloud.
Thanks to the trend of storing corporate data in the cloud, your intellectual property is less secure than ever.
Hacking and gaining access to your company’s information has never been so widespread. You can do banking in the cloud, store vital data in the cloud, track finances in the cloud, and do taxes in the cloud. Everything is interlinked with numerous points of weaknesses, some of which we aren’t even aware of yet.
In business, it’s not just you in control of your secrets.
Dozens (potentially hundreds) of people armed with passwords, are devaluing the security of your business data. Rolling out of the dealership, unaware of what is around the corner.
Here’s another secret about passwords: If your employee’s passwords are any good, and robustly secure, they won’t remember them.
Because they are just as human as you. Your employees are told to generate strong passwords. A 6-letter word if they’re careless. A few numbers interspersed with characters if they’re cautious. Perhaps you allocate passwords in an attempt to keep your business secure. The most complex variation of 1632 characters, symbols, and numbers combined. But chances are users, employees, and those dreaded hackers alike won’t be able to get into those accounts. There’s a fine balance between adequate security and usability because there’s no point having such secure passwords that they are unusable.
They will write passwords down on a piece of paper and store it in their desk. Maybe they will save them on their computer in a spreadsheet, or notepad. They may reuse their passwords in an attempt to remember. All of the above make your business less secure.
Hackers don’t just target the big guys.
In 2013, personal information from one billion Yahoo user accounts was stolen. It was the largest data breach in history and only discovered in 2016. Early last year, an Austrian-based aero parts manufacturer fell victim to attackers, who stole 50 million euros during their hack. Big companies like Apple, Twitter, SnapChat, Sony, LinkedIn, eBay, and Dropbox have all experienced recent security breaches.
You may think your company is not big enough or public enough to be a target, but hackers typically target small businesses, because they have more money than private individuals and less security than large corporations. Consider the amount of time and money the above companies would have invested in improving their online security after those breaches.
Can your business afford a security breach?
No amount of caution or complex variation of numbers and letters can stop a determined hacker from cracking that password and accessing your company’s valuable data. However, there aren’t a lot of alternatives out there, but that’s where the team at Vault One come in.
Vault One is a privileged account manager solution, tackling these security issues by centralizing passwords in a “vault,” allowing users to access resources (servers, computers, social accounts) without the need for a password. Rather than trusting everyone with a password, an administrator can create a secure connection between the user and the resource through Vault One, putting the power of intellectual property back in the hands of the company, where it should be.
Talk to the team at Vault One today.