Financial and ID Technologies

Too Many IT Security Pros Still Keep Paper Records

21 November 2017

Although breaches from hacked privileged accounts have resulted in data theft leading to high mitigation costs, as well as bad publicity and tarnished brands, 18 percent of IT security pros still keep track of those passwords in a paper log book. That’s no joke.

An overwhelming majority -- 80 percent -- of the 913 IT security pros surveyed by One Identity said they face challenges managing privileged passwords. In addition to those old-school IT pros using paper logs, another 36 percent manage passwords in Excel or another spreadsheet.

The One Identity survey was not a good report card for IT security professionals overall. Twenty-one percent of respondents said they can’t monitor or record activity performed with administrator credentials, and 32 percent said they aren’t always able to identify individuals who perform admin activities. Further, 40 percent of those surveyed admit they don't change default admin passwords, and a whopping 86 percent don't regularly change the passwords on their admin accounts. Additionally, many of those passwords aren't private -- on average, an employee shares four passwords with others.

Multi-factor authentication -- whereby computer access control is granted access once several separate pieces of evidence is presented to an authentication mechanism -- is slowly growing in acceptance. MFA is just not being implemented widely: Another researcher, DuoLabs, found that only 26.5 percent of businesses have enabled multi-factor authentication to protect their password vaults.



Powered by CR4, the Engineering Community

Discussion – 1 comment

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Re: Too Many IT Security Pros Still Keep Paper Records
#1
2017-Nov-22 3:13 AM

”18 percent of IT security pros still keep track of those passwords in a paper log book. That’s no joke”
If that had been a joke I wouldn't have gotten it. What is the problem with paper log books? Paper is great. There are no remote exploits against paper, and remote exploits are where you need to be careful.

Engineering Newsletter Signup
Get the GlobalSpec
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Advertisement
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter
Advertisement
Find Free Electronics Datasheets
Advertisement