UK company bosses have a complacent attitude toward cybercrime and are inviting criminal attacks due to their sloppy approach to internet security. That is according to research from a tokenless authentication product company.
According to the research, about half of business owners (51 per cent) are ‘unconcerned’ with the security of their corporate systems, with one in four readily admitting to reusing the same user name and password across all their corporate and personal accounts, from their Facebook page to their confidential corporate systems. A dramatic increase in the online activity of business owners is compounding the risks. Four out of five business owners now regularly use up to 50 websites that require a username and password whereas just five years ago, the majority (73pc) accessed just 20 or less. Doing more online with the same user name and password greatly increases the chances of a fraudster, data thief, saboteur, or even a disgruntled employee, obtaining these details and exploiting them for criminal gain. Some 67pc also admitted to keeping a written log, or using a system of their own devising, to help them keep track of the user names and passwords they use regularly.
“Just as the government is waking up to cybercrime we discover that company bosses are half asleep,” says Chris Russell, VP Engineering, Swivel Secure. “The problem is that business owners think that cybercrime is something that happens to other people, without appreciating the value of the data they hold and the motivations of people who may want to access it. They read about security breaches at big multinational firms like Google and LinkedIn, but don’t realise that these same login details are probably also being used to access their own systems. It’s time business owners realised that usernames and passwords are actually not secure at all.”
“It’s a big problem that’s getting worse; company data is more at risk than ever before,” adds Russell. “Bosses and employees now want to connect their smartphones and tablets to their work systems. Flexible working is gaining in popularity, so more of us are logging in remotely. Too often, new working behaviours like these are still only protected by outdated username and password gateways. And when, inevitably, they are shared, lost, leaked or stolen, it really doesn’t matter how impenetrable your corporate firewall is because you’ve done the digital equivalent of handing over the keys to the safe.”
Almost three quarters of business owners (73pc) confirmed that they do, in fact, keep track of online security threats like hackers, trojans and viruses, suggesting that the strength of their own access credentials isn’t even registering with them as a potential weak point in their security. “The government claims cybercrime costs the UK economy £27 billion a year,” adds Russell. “That’s the equivalent of building one of Boris Johnson’s Thames Estuary airports every twelve months. You can’t help but wonder how much of that could be saved if business owners took a few simple steps to transition to a 21st century system for authenticating users and protecting their corporate data.”
Swivel says its authentication platform was first launched in 2003. It is now used by local government, the NHS, major global enterprises and smaller businesses, to remotely access their business networks, virtual desktops and cloud-based applications. An alternative to usernames and passwords, the authentication platform offers user deployment options, including mobile apps, SMS and interactive voice response channels.
