IT professionals have growing concerns about government surveillance, and it’s impacting their approach to password security.
The Ponemon Institute with authentication key vendor Yubico surveyed over 1,500 IT and IT security practitioners in the US, the UK, Germany and France to investigate beliefs and behaviours around password management and authentication.
“These respondents should be more knowledgeable and aware of the risks of poor password practices than individuals who do not work in IT or IT security,” the institute said in its report.
However, the answers from these professionals were particularly surprising around how they managed their passwords, with 53% saying they simply use their memory.
Government surveillance fears strong among IT professionals
59% of the professionals surveyed said they had growing concerns about government surveillance and 51% said they were using their mobile devices more often, causing more concern about privacy.
Around a third said they knew someone who became a victim of a data breach and a third said they themselves were victim to a data breach, with almost 10% being a victim of identity theft.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
“People are becoming mindful of the worth of personal data as a tool for nefarious acts,” said Ronnie Manning, vice president of communications at Yubico.
“Media attention is creating greater anxiety around large scale breaches and the fact that anyone can become a target, which in turn is driving a demand for better security, authentication technologies and privacy measures to protect valuable information.”
The personal data IT pros fear losing the most
62% of IT professionals were concerned about protecting their social security number or citizen ID, which could perhaps lead to identity theft.
Payment account details were also a high priority for adequate protection, and details around health conditions, which might affect medical insurance prices.
“Personally identifiable information – passport number, bank account, National Insurance number – offers hackers an opportunity to access important data that could enable them to clone identities or damage a person’s credit history,” said Manning.
“The concern around health information is particularly interesting because of the potential consequences if these details were lost or stolen. Could it affect insurance policies, future employment? The implications could be far-reaching.”
Password security approaches
While password managers are frequently used to store and protect passwords, over half of those surveyed used their own memory to protect their passwords, at the risk of forgetting them at a crucial moment – particularly given the need to have unique passwords for different accounts.
The majority of UK adults are still uncertain about how best to protect their privacy online.
“The respondents seem to rely heavily on outdated, unreliable or unsecured alternatives to password managers,” Manning commented.
“There is clearly a disconnect between what people expect and what is being delivered on a corporate level. Education is important to deliver employers the benefits of highly secure authentication methods; the cost benefits of less downtime, fewer support calls and the added layer of security.”