Published on March 6, 2014
Top 5 Reasons Convenience Trumps Security eBook Share This:
Usability Is More Important Than Security American author, William S. Burroughs once said, “Paranoia is just having the right information.” While this idea may reflect the typical stance of a corporate IT department, the average employee is more concerned with getting work done. If employees find network security measures too confining, or if security programs slow down their productivity, employees will seek shortcuts, and chances are those shortcuts are short on security, too. To make sure your IT department hasn’t made accessing the network too difficult for employees (or too easy for intruders) it’s good to encourage IT and employees to keep the lines of communication open through periodic meetings and forums. This approach allows employees to grasp the importance of security and IT to understand that usability is equally important — in employee’s eyes. “All the security gained from using well-analyzed ciphers and protocols, or from careful code reviews and conservative implementation practices, is lost if users can’t reliably figure out how to turn the security features on and still get their work done.” -Matt Blaze, Director of the University of Pennsylvania Distributed Systems Lab Source: http://www.crypto.com/blog/p25/ Share This:
Born a Consumer. Learned to Work. Consuming is a natural instinct. From our earliest moments, we are driven to demand comfort. Our love affair with ease permeates all that we do — including our work. In short, people are consumers first and employees second. So what does a consumer-driven culture mean for your workplace? It means that if the security measures you have in place are not as intuitive and convenient as the ones your employees use in their personal lives, they won’t be adopted, they’ll be abandoned. After all, employees are adept at finding work-arounds. It’s the reason BYOD (Bring Your Own Device) is now common and BYOA (Bring Your Own App) is on the rise. Company networks are attacked an average of 2 million times a week, and many attacks result in a quantifiable data breach The average cost of a single successful cyber-attack is $300,000 43% of C-level executive say a negligent inzsider is the greatest threat to sensitive data Source: http://www.informationweek.com/mobility/smart-phones/byod-resistance-is-futile/240156173 Share This:
Too Tough to Type The strongest passwords contain a combination of letters, numbers and symbols. However, in today’s touch-screen world, switching back and forth between multiple soft keyboards on mobile devices is so inconvenient that most people don’t do it. Sure, they use a password, but more than likely it’s not a combination. Mobile passwords are typically either all letters or all numbers. In fact, two of the most common passwords of all time are 123456 and (wait for it) password. All of this would be kind of funny if it weren’t for the fact that we live in a BYOD world. If employees have a lame password on a device they use to access your company’s secure network, then your business is at risk for data theft and fraud every time an employee misplaces a device. And when you consider that most people use at least two devices at work on a regular basis, it’s easy to see how BYOD could significantly increase your risk. 65% OF PEOPLE use mobile devices to access work email or the company 44% OF PEOPLE don’t lock their mobile devices with a password because it’s too cumbersome 30% OF PEOPLE forget or mistype passwords on the small keyboards of smartphones and tablets 60% OF PEOPLE desire an easier form of authentication for mobile apps Source: http://confidenttechnologies.com/news_events/survey-shows-smartphone-users-choose-convenience-over-security Share This:
Can I Borrow Your Password? I Forgot Mine. Certain things are easy to remember, like a favorite pet or a birthday, which is why those items invariably end up unlocking the combination to a majority of passwords. It’s not that people deliberately choose easy passwords; it’s just that the human mind is prone to forgetting strong ones. Scientists* maintain that in order for people to remember a password, it must be ingrained in long-term memory (LTM), which means it must be meaningful, personal and familiar. Unfortunately, any password that adheres to those three qualities is by default weak. Compounding people’s memory problem is a phenomenon known as password interference. Since most people are using multiple devices and running multiple apps, they are also using multiple passwords to access their information. Password interference occurs when users forget the unique password and PIN rules for each system, which leads to confusion, frustration, lock-outs and ultimately poor productivity. 58% have five or more unique passwords associated with their online logins 30% have more than 10 unique passwords they need to remember OF ADULTS OF PEOPLE 38% think it would be easier to solve world peace than attempt to remember all their passwords 38% would rather undertake household chores, like cleaning the toilet or doing the dishes, than have to create another username and password OF ADULTS OF ADULTS Source: http://www.academia.edu/461816/PINs_passwords_and_human_memory Source: http://janrain.com/about/newsroom/press-releases/online-americans-fatigued-by-password-overload-janrain-study-finds/ Share This:
My Password Is So Secure, Even I Can’t Use It Recent research* revealed that only 35% of people remember advanced or strong passwords. So how are 65% of forgetful users getting by in a time when most companies enforce advanced password policies that require complex passwords that change frequently? The answer is simple, employees write down their passwords. Then, as if writing down this information weren’t irresponsible enough, they post these easyaccess reminders for the entire world to see in convenient locations. Taping passwords to a monitor, tucking them under a mouse-pad, or brazenly laying them right next to the old keyboard is just one work around. Another convenient practice of employees is to make all usernames, passwords and pins the same, as in you’ve cracked one code, you’ve cracked them all. And many employees admit to sharing their password list with friends and coworkers, so that when they lose their own list, they’ve got a back-up. Needless to say, these methods make it convenient for intruders to come in your network’s front door by using the key employees left for them. “The weakest link in any security system is generally the people.” - Patrick Marshall, The Seattle Times Tech Columnist Source: http://www.academia.edu/461816/PINs_passwords_and_human_memory Share This:
FUN PAGE: Typical Guidelines of an Advanced Password Policy username ********** LOGIN Passwords must change at least every 60 days Accounts are locked after 3 consecutive failed login attempts Passwords must contain at least one letter, number, and special character None of a user’s previous 5 passwords can be reused Share This:
Convenience Meets Security We hope our ebook, “The Top 5 Reasons Convenience Trumps Security” has given you fresh insights into why people consistently choose convenience over security. At CloudEntr, we believe convenience and security are not mutually exclusive terms, and we’ve got the solutions to prove it. To learn more about us, download more ebooks, or register for a free trial, please visit CloudEntr.com/latest-resources. Share This:
Human Nature Trumps Homeland Security More Login. ... the media for this CYA security. Every time A Bad Thing ... every day you throw 5 dice and if you get ...
... I’d be constantly in a state of terror every time my ... Comment on 5 Reasons Trump Is The Worst Candidate In Modern ... Comment on 5 Reasons ...
... Security Response Manager at Symantec stated “Convenience trumps security very often when it comes to ... “Every time you put data in ... 5. Don ...
Convenience Trumps All. ... In almost every case, ... Christopher Caen October 5, 2016 email@example.com Publisher, ReadWrite.
And this time the bad ... We negotiate and find the just right balance on the security-convenience ... (such as not having a certain "look" or ...
... 2016: Dumb SmartThings. It's time for Security ... where user convenience completely trumps security. ... and every Tuesday for Security ...
Browse Retail and Study content selected by the Community Banking Brief ... Security Trumps Convenience ... to plumb every last ...
Mat Honan's Weekend. ... If you have an Apple ID, every time you call Pizza Hut, ... Right. Because, again, convenience trumps security. Steve: Yeah.