,

When “I love you” translates to “my password is ___”

In honor of Valentine’s Day, we’re showing cybersecurity some love by discussing how employees can keep their personal online information secure and separate from their work-related data.

With password sharing among significant others (SOs) becoming increasingly common, controlling login information is even more difficult. Once that information is given, it can’t be taken back. On the surface, an employee’s personal life and their employer’s security may seem unrelated, but we found that that couldn’t be further from the truth.

We conducted a survey of 300 respondents, titled “Is it better to have loved and lost data?,” to analyze overall feelings toward sharing login information with their SOs. Our findings revealed that even though 49% of consumers consider password-sharing to be a risk, 60% do it anyway. And unfortunately for IT admins, 26% of respondents used the same passwords for both personal and work accounts.

More troubling is that 33% of those shared passwords are for email accounts, presenting a big problem for individuals and the businesses employing them. And with 11% of survey respondents reportedly accessing and/or altering a SO’s work-related materials, IT admins have a real challenge to keep corporate data secure.

By now you’re probably thinking, “Just change your passwords!” Surprisingly, 57% of respondents don’t even bother changing their passwords after a breakup, indicating that the majority of people, and by extension, their employers, are increasingly vulnerable to data breaches after the end of a relationship.

Whether it’s an angry ex or rogue employee attempting to use a company’s email server, businesses can take several steps toward ensuring external sources cannot access or alter private data:

  1. Password management
    Businesses can protect their data from digital trespassers by encouraging employees to keep their personal and work-related passwords separate. Although a simple action, this password distinction enables businesses to significantly reduce the risk of consumers unlocking a company’s private data via personal login information. It’s a quick fix that can prevent long-term problems.
  2. Revoking access
    Unfortunately, with regular employee turnover paired with the flood of devices hitting the workplace, IT can struggle with securing employee access to workplace data. Identity and access management tools allow businesses to successfully revoke former employees’ access to online company resources and prevent potential security risks.
  3. Two-factor authentication (2FA)
    Even after implementing the above suggestions, we recommend adding another security layer. Both businesses and individual employees are strongly recommended to implement two‑factor authentication on all critical systems, applications, and services – especially those that are exposed to the internet. Adding 2FA can help by providing businesses and employees (with their individual personal accounts) with a multi-faceted authentication process that requires a unique security verification item in addition to standard password and username information. Adding another authentication factor makes it exponentially more difficult for intruders to breach a company’s systems, as compared to systems that are protected only with a password.

Ultimately, it’s important to remember that just as consumers should follow best personal practices regarding password sharing, businesses need to bolster their cybersecurity efforts to minimize password exploitation and maximize online safety.

The moral of the story is this: Sharing your heart doesn’t mean you need to share your password. To prevent a personal fallout from destroying your professional digital footprint, consumers should practice effective password safety. Businesses can also improve by implementing optimal cybersecurity standards to protect sensitive data exchanges.

So, next time you jump into the dating pool, feel free to wear your heart on your sleeve, but think twice before writing your passwords on your sleeve as well.

 

 

Survey methodology

Intermedia surveyed 300 US consumers via SurveyMonkey around their habits and willingness to share various personal and work-related accounts with significant others. Results were derived from a five-minute online survey with 10 total questions, fielded Jan. 23-24, 2017. Criteria for participation included that the respondents either be partly or fully employed and between the ages of 25-60.

About Ryan Barrett

Ryan is Intermedia's Vice President for Security and Privacy.