EDITOR’S QUESTION
/////////////////
A
ccording to a recent PwC report,
80% of UK CEOs are worried
about the risk of cyberthreats to
their business, making it the issue they
are most concerned about. Rather than
living and working in a state of perennial
fear of hackers, businesses should
modernise their approach to password
security best practices.
When it comes to security, humans are the
weakest link. According to a recent CybSafe
analysis of data from the UK Information
Commissioner’s Office (ICO), human error
caused 90% of data breaches in 2019. This
incredibly high percentage demonstrates
the importance of managing the risk
associated with human behaviour when
addressing cyberthreats.
Employees using weak or reused passwords
across multiple sites and services (including
personal and professional accounts) is
one of the riskiest forms of user behaviour
an organisation faces. In fact, the World
Economic Forum found that four out of five
data breaches are caused by weak/stolen
passwords. Although organisations have
reacted to the ‘password risk’ and invested
in cybersecurity training to make sure they
stay compliant, they often overlook ways to
help staff by improving the experience of
their users.
28
INTELLIGENTCIO
With Identity-as-a-Service (IDaaS) now
readily available, even small organisations
can introduce a cloud-based identity system,
so users will have a single set of corporate
credentials for applications, networks and
devices. Some even offer users a convenient,
secure password vault for personal
applications as well.
These modern platforms allow users to
log in once to access all their applications
and provide them with the ability to easily
and securely manage their own passwords
and devices.
They allow companies to enforce strong
password policies and MFA while radically
reducing the need for IT help desks to
manually reset passwords or manage user
devices. It also helps organisations combat
shadow IT by offering fast onboarding of
business applications with a Single Sign
On experience.
Password best practice isn’t rocket science
and plays a critical part in the security of
a business. Organisations must go beyond
traditional best practice methods and
look at the tools and solutions available
to create a process that both increases
security and improves the end-user’s
experience, making strong authentication
simple and seamless to use.
“
WITH IDENTITY-
AS-A-SERVICE
(IDAAS) NOW
READILY
AVAILABLE,
EVEN SMALL
ORGANISATIONS
CAN INTRODUCE
A CLOUD-BASED
IDENTITY SYSTEM.
www.intelligentcio.com