From the “too ridiculous to be true” files — especially given the increasing number of data breaches at companies large and small — is the news that the most common corporate password is “Password1” because it barely meets the minimum complexity requirements for length, capitalization, and numerical figures.
This data is from a recent Trustwave report entitled “Uneducated Employees and Their 7 Deadly Sins” — in it, it offers businesses a glimpse into the 7 biggest pitfalls and perils of allowing workers access to sensitive files while also utilizing the cloud and social media sites.
The Trustwave report, for example, shares that 52% of businesses have seen an increase of malware infections due to employees’ use of social media. This figure is bound to increase because the report also reveals that — surprise! — 67% of young workers think corporate social media policies are “outdated” and 70% regularly ignore its policies.
That’s scary enough news, but wait, it gets worse.
It turns out that only 18% of workers use a personal VPN tool — like PRIVATE WiFi — when accessing public WiFi hotspots. That’s incredibly risky behavior, both personally and professionally.
Are businesses simply doomed to data breaches? Sadly, without adequate education among executives and workers, cyber attacks are one of the unfortunate realities of doing business today.
Remember, using a personal VPN is as important as firewall and antivirus. A personal VPN creates a virtual “tunnel” of encrypted data running over the public Internet. When people use public WiFi without any privacy, they become extremely vulnerable to hacking, identity theft, credit fraud, and a host of other privacy violations. As The New York Times once noted:
“Intruders can intercept data sent back and forth on unprotected wireless networks, so you should never send information like financial account passwords, Social Security numbers or payment information over unsecure and unencrypted connections. If possible, try to use your company’s virtual private network (if it has one) or a similar commercial service to keep your connections encrypted.”
If you own your own business — or work for a business that has suffered a data breach — the damaging effects of even one breach can be long-lasting. Companies that suffer a data breach are not only facing expensive direct costs from cleaning up a data breach, but also a loss in customer confidence that has long-lasting ramifications. In fact, studies have shown that the United States has the most expensive data-breach incidents caused by malicious or criminal attackers — at $277 per record. But the costs of lost reputation, brand value, and tarnished image are just as serious.
Take a few moments to estimate what a data breach could cost your company at www.databreachcalculator.com. This is a free online tool from Symantec that calculates your risk based on your organization’s characteristics.