DETROIT – It would seem that every person is being trained in information security and knows what passwords to choose, how often they need to be changed, how to store them. But, for some reason (most likely, the fault of all carelessness), they ignore these rules.
Not so long ago, there was a survey called “Password psychology: online behavior that puts you at risk”. This survey was aimed at studying password security for users from all over the world and its results were disappointing – people use a huge number of the same passwords…
This survey was conducted earlier, in 2018, and since then, the number of people who use the same password for different services has increased. This time they were 66% of respondents (against 61% in 2018). But the most interesting and frightening thing is not that, but that 91% of those people who use the same password said that they know you can’t do this, but still continue to do it.
Well, our assumption turned out to be correct – the fault for all carelessness or dangerous self-confidence. Even if people are aware of the existence of information security threats, it is far from the fact that they will use this knowledge. As an example of statistics – phishing emails are used in more than 92% of all data leaks. Although almost everyone knows that you should not open suspicious emails, let alone run files sent from unknown addresses.
And now, when many people have to work from home, protecting corporate and personal data is becoming more and more important. But people simply tend to underestimate the value of their data, and even more so the value of company data. The researchers who conducted the survey said that only 29% of respondents decided to create a more secure password for accounts related to work.
From here we can conclude that it’s important not only to educate people about how to counter information security threats, not only to check their residual information security knowledge, but also to monitor and even force them to comply with information security requirements and employee monitoring software protocols.
Despite the fact that the development of information technologies continues and people are increasingly working with them, many employees find themselves frighteningly unarmed, and through their own fault, in the face of fraudsters. And it is always important to remember that no matter how perfect your information security system is, people will work in your information system, which means that there will always be at least one extremely vulnerable place in it – a person.