UK businesses neglect poor password management practices and are failing to recognise the value of automated tools. OneLogin, the leading provider of Unified Access Management, has revealed UK businesses annually lose, on average, 2.5 months per year resetting passwords. The failure to manage passwords and mundane IT administrative tasks efficiently is costing businesses time and money. (Download the full password management report here).
“The benefits of innovative technology to facilitate modern business practices is clearly yet to be recognised by the average UK business overwhelmed by day-to-day password management processes. Trust must be built between businesses and B2B tech vendors, as a lot of businesses are stubbornly struggling in the dark and avoiding the topic of ‘digital transformation’ to free up employee and operational efficiencies.” Comments Thomas Pedersen, OneLogin’s chief technology officer and founder.
“UK businesses must streamline and simplify Identity and Access Management (IAM) processes by implementing Single Sign-On and Multi-Factor Authentication tools. By doing so they will be freeing up skilled IT professionals to focus on tasks that drive greater business value and connect dispersed workforces. Organisations that don’t, may not survive the next two to five years. The quick adoption of automated tools is key to business survival.” Adds Pedersen.
Furthermore, two-thirds (66%) of those surveyed confessed to not checking passwords against common password lists and more than three-quarters (78%) don’t check employee passwords against password complexity algorithms. This poor password hygiene is leaving UK businesses vulnerable to cyber-attacks.
While the majority of respondents practice good password hygiene, many respondents indicated that basic fundamentals are often lacking:
· Fewer than 19% (18.7%) check passwords against rainbow tables
· Over half (51%) don’t require special characters
· Just under half don’t require numbers (47%) and upper and lower case (37%)
Mandatory requirements for internal corporate applications are also concerning and demonstrate that the value of innovative technologies that simplify access management is yet to be truly recognised:
· Only 53% require single sign-on (SSO) integration
· Only 35% have implemented password complexity policies
· 70% have not implemented password rotation policies