Survey Reveals that Data Protection Practices Are Still Poor

by | Last updated Jan 27, 2024 | Published on Feb 13, 2019 | Document Conversion / Scanning Services

Keeping passwords and other sensitive information such as personal details safe and protected from outside intruders is a priority for all businesses. Even when outsourcing document scanning tasks to a document scanning company, the organization should ensure that the company they partner with complies with all security regulations and follows best practices. In spite of concerns over privacy and data protection, many individuals and businesses fail to incorporate security.

Data Protection

Yubico, the leading provider of hardware authentication security keys, has released the 2019 State of Password and Authentication Security Behaviors Report, conducted by the Ponemon Institute. For the purpose of study, Ponemon Institute surveyed more than 1,760 IT and IT security practitioners in the UK, US, Germany and France. The survey revealed the following interesting facts:

  • More than two-thirds of employees (69%) share passwords with colleagues in the workplace to access accounts and 51% of employees reuse an average of five passwords across their business and personal accounts.
  • 63% of respondents said that they have become more concerned about the privacy and security of their personal data than two years ago. The data that respondents are most concerned about include Social Security number or citizen ID, payment account details and health information. The reasons for the concern about their privacy are government surveillance (59%) and the growing use of mobile devices (51%) and connected devices (40%).
  • 47% of respondents said that their companies are most concerned about protecting customer information and 45% of respondents said that they are most concerned about protecting employee information.
  • 51% of respondents have experienced a phishing attack in their personal life, while 44% of respondents have experienced a phishing attack at work. Even though phishing attacks are occurring on a frequent basis, 57% of respondents who have experienced a phishing attack have not changed their password behavior afterwards.
  • Added protection beyond a username and password, in the form of two-factor authentication (2FA) is not used extensively. For instance, 55% of respondents do not use it at work and 67% of respondents do not use any form of two-factor authentication in their personal life.
  • The poor security practices of employees are incurring additional unnecessary costs. On an average, respondents report having to spend around 12.6 minutes each week, or 10.9 hours a year, entering or resetting passwords. On the basis of the average company size of almost 15,000 employees in the research, the report said the estimated annual cost of productivity and labor loss per company averages $5.2 million annually.
  • As managing passwords could be inconvenient and complicated, 57% of respondents expressed a preference for password-less log-ins which will help protect their identity. 56% of respondents believe that a physical hardware token will offer better security.

Yubico says, the aim of this study is to understand the beliefs and behaviors surrounding the password management and authentication practices for individuals in the workplace and at home. The outcome is that in spite of the increasing concerns regarding privacy and protection online and a greater understanding of the best security practices, individuals and businesses are still falling short. They require effective solutions that will offer both added security and convenience. The following are some of the best password management practices that can help both individuals and organizations strengthen their security against current threats.

  • Adopt strong passwords or long passphrases
  • Avoid changing passwords frequently; instead change the password only in case of a potential threat or compromise.
  • Generate password blacklist
  • Apply two-factor authentication for all accounts
  • Add advanced authentication methods including biometric system (logging into an iPhone using a thumb print with Touch ID or authenticating on a Windows 10 PC by looking at it with Windows Hello facial recognition) behavioral biometrics (creates a unique profile of each user by analyzing their interactions with the system).
  • Apply end-to-end encryption
  • Protect accounts of privileged users by providing the users with a different login URL and allow only a single sign-in attempt
  • Ensure secure connection by using a Wi-Fi Protected Access (WPA) 2. Provide a secure VPN connection to remote workers.
  • Ensure continuous backups of sensitive information
  • Train employees to detect and avoid phishing and other social media attacks, explain how criminals may use social engineering for cracking passwords, and encourage employees to avoid sharing information that could be exploited for attacks.

Similarly, when partnering with service providers such as document scanning companies, businesses must make sure that they have strict security measures in place.

Recent Posts

How Document Scanning Promotes Compliance and Reduces Risk

How Document Scanning Promotes Compliance and Reduces Risk

Various industries have specific regulations that govern their operations. Whether small, medium, or large, companies must ensure compliance with all relevant government regulations. Those relying on traditional paper filing systems face challenges in terms of time...

What are the Challenges Involved in Microfilm Scanning?

What are the Challenges Involved in Microfilm Scanning?

Many businesses organizations still have valuable data stored in microfilms and microfiche. Poor storage can cause deterioration of microfilm and loss of valuable data. Microfilm scanning services can provide the solution. Scanning microfilms helps in preserving and...

How Document Digitization Reshapes Supply Chains

How Document Digitization Reshapes Supply Chains

Supply chains play a crucial role in the seamless flow of goods and services across the globe. The integration of digital technologies in the supply chain is bringing about a transformation in how businesses operate and collaborate within their supply networks. With...

Share This