Cloud Security Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Terry Ray

Related Topics: Cloud Security

News Feed Item

RSA Security Survey Reveals Multiple Passwords Creating Security Risks and End User Frustration

End Users Suffering from Password Overload Rely Upon Risky Password Management Behaviors; Password Reset Calls Driving Up IT Hel

BEDFORD, Mass., Sept. 27 /PRNewswire-FirstCall/ -- RSA Security Inc. today announced survey results that show the challenges end users face in managing passwords inside the enterprise, and the potential corporate IT security risks that result. The survey of almost 1700 enterprise technology end users in the United States showed that over a quarter of respondents must manage more than 13 passwords at work, and that nine out of ten respondents are frustrated with the password management challenge. This frustration is leading to behaviors that could jeopardize IT security, as well as compliance initiatives.

"Compliance initiatives have led companies to enforce and strengthen password policies, which has resulted in additional burdens for the end user -- such as requiring that employees change passwords more frequently, or leverage very difficult to remember passwords," said Andrew Braunberg, senior analyst at Current Analysis. "Paradoxically, password policies that are not user-friendly spur risky behavior that can undermine security. These policies also raise IT help desk costs as companies allocate more resources to password resets."

Plethora of Passwords Creates Frustration

The results of the RSA Security survey reveal that employees are managing an incredibly large number of passwords at work. Twenty-eight percent of respondents must keep track of more than 13 passwords; 30 percent of respondents manage between 6-12 passwords. Managing so many passwords is leading to greater end user frustration: the vast majority of those surveyed (88 percent) reported frustration with the password management process.

Password Overload Driving Risky IT Security Behaviors

RSA Security's survey findings indicate that while end users may attempt to memorize passwords, employees continue to resort to other, less secure means of tracking multiple passwords. The most common risky password management behaviors include:

-- Maintaining a spreadsheet or other document stored on the PC (25 percent) -- Recording a list of passwords on a PDA or other handheld device (22 percent) -- Keeping a paper record of passwords in an office/workspace (15 percent) The Password Burden on the IT Help Desk

Research from the Burton Group reports that each call to the IT help desk may cost between $25 and $50. Despite this, the RSA Security survey showed that the bulk of password reset responsibilities continue to lie in the hands of IT help desk staff, with 82 percent of respondents indicating that IT help desk staff must intervene when passwords are lost or forgotten.

The survey also showed the potential for lost productivity when employees rely on the IT help desk to manage a lost or forgotten password. Twenty percent of respondents said it takes the IT help desk staff between 6 and 15 minutes to address a lost or forgotten password problem; 17 percent said it takes longer than 16 minutes.

Protecting the "Keys to the Kingdom"

Respondents were queried on the impact of leveraging a "master password," which could be used to gain access to all other passwords. The overwhelming majority of respondents -- 98 percent -- believe that it would be important to add a layer of protection if they were provided with one master password at work - essentially, protecting the "keys to the kingdom." Tellingly, 55 percent of respondents rated adding an added layer of security as "very important."

Survey Description and Methodology

The RSA Security password management survey was conducted online between August 31 and September 19, 2005. 1685 respondents, including CIOs/CSOs, and IT directors, managers and administrators took part in the online survey. The survey polled individuals located in the United States.

***Note to media: A report with additional survey results can be obtained by sending a note to [email protected].

About RSA Security Inc.

RSA Security Inc. is the expert in protecting online identities and digital assets. The inventor of core security technologies for the Internet, the company leads the way in strong authentication and encryption, bringing trust to millions of user identities and the transactions that they perform. RSA Security's portfolio of award-winning identity & access management solutions helps businesses to establish who's who online - and what they can do.

With a strong reputation built on a 20-year history of ingenuity, leadership and proven technologies, we serve more than 18,000 customers around the globe and interoperate with more than 1,000 technology and integration partners. For more information, please visit http://www.rsasecurity.com/.

RSA Security is a registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. All other products and services mentioned are trademarks of their respective companies.

For more information: Erica Pereira Dave Howell OutCast Communications RSA Security Inc. (415) 392-4728 (781) 515-6303 [email protected]@rsasecurity.com

RSA Security Inc.

CONTACT: Erica Pereira of OutCast Communications, +1-415-392-4728,
[email protected]; or Dave Howell of RSA Security Inc., +1-781-515-6303
[email protected]

Web site: http://www.rsasecurity.com/

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the tec...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...