9 Common Ways Password Security is Breached
Kim Drinkall
November 13, 2023
Businesses face numerous password security challenges, including phishing, malware, brute force attacks, and more, necessitating robust cyber security measures, employee education, and advanced defense mechanisms like multi-factor authentication to protect sensitive data.
Where there is data, there are criminals trying to access it. Passwords are a challenge for businesses because they are an important way to maintain your security posture and, unfortunately, they depend heavily on humans. And let’s face it – humans are unreliable.
Phishing
Phishers are always getting more sophisticated, and unfortunately their methods work. In fact, 90% of corporate security breaches are the result of phishing. Training employees to recognise and avoid these attacks is key. Download our Phishing Field Guide to remind employees of what to watch for with these phony communications.
Keylogging Malware
Certain kinds of malware save your keystrokes and leak passwords that way. How can this be avoided? A robust cyber security suite is your protector against these silent threats. Habits such as not plugging in unfamiliar USBs, not scanning unknown QR codes and not clicking unknown links help keep these kinds of malware at bay.
Brute Force
Getting lazy with your passwords is dangerous. Weak passwords such as “password1” give hackers an easy way to force their way into your system and make use of your sensitive data.
Credential Stuffing
Post-breach, attackers feast on recycled passwords. Maintaining a portfolio of unique, complex passwords starves their efforts fast.
Public Wi-Fi
Public networks are a hacker's playground. Secure, encrypted connections are the safety nets for your data. Many phones have personal hotspots in the settings – make use of them. Otherwise, investing in hotspots for your employees that travel often is a great way to keep a more robust level of security around your sensitive information.
Shoulder Surfing
The simplest breach is often overlooked. Conscious practices and privacy screens thwart prying eyes.
Dumpster Diving
Discarded devices and documents can be a treasure trove for criminals. Ensure that your business uses secure disposal methods for all materials.
Physical Device Theft
A lost device can unlock a gateway to unauthorised access. Encryption and secure lock screens are your first line of defence.
Database Hacks
An assault on a database presents a multitude of problems, but one of the main ones is that attackers can harvest many passwords at once, which multiplies the damage of the attack. Encryption and vigilance in partner choice are paramount.
UK businesses must transcend basic password protocols to defend against sophisticated cyber adversaries. Here are strategic pillars to uphold:
Cyber Security Hygiene
Regular updates and patches are the bedrock of a resilient security posture.
Employee Vigilance
People can’t know how to protect themselves (and your business) if they don’t know the threats facing them. Continuous education on cyber security threats and best practices is non-negotiable.
Advanced Defence Mechanisms
Employ multi-factor authentication (MFA) and password managers to add layers of security.
IT Service Continuity Management (ITSCM)
Have an actionable plan for when breaches occur. Speed is of the essence in containing and mitigating damage.
Regular Audits
Test your defences. Penetration testing and security audits should be routine to ensure your shields hold firm against ever-evolving threats.
Data Privacy Compliance
Adherence to the UK's Data Protection Act 2018 and GDPR (General Data Protection Regulation) is crucial. Ensure your practices are up to the mark to avoid legal repercussions and fines.
It’s easy to become overwhelmed in the face of cyber threats. They are vast and ever evolving. The human element is often the weakest link in the equation, so that’s where to focus your efforts when thinking of your cyber security. The first step is education and awareness.
Want to know more about password security? Join our upcoming webinar with LastPass where we will learn about the psychology behind password security and how to improve it! As always, contact us with any questions you may have surrounding this topic or any others.