The survey also identified that in the US, 24 per cent of respondents hear more about office happy hours than they do about security; 22 per cent hear more about office birthdays; and 18 per cent hear more about kitchen etiquette. In the UK, those percentages are 17, 18 and 17, respectively.
Centrify released State of the Corporate Perimeter survey of more than 400 IT decision makers that aimed to find out if corporations are as secure as they need to be. One part one of the survey revealed dangerous gaps in protocols related to identity management that leave companies vulnerable to attack. Another part spotlights some of the psychological realities businesses face to secure assets.
Organizations are far more vulnerable than they care to admit
- 55% of US ITDMs said their organizations had been breached in the past
- 44% of US companies had breaches that together cost millions of dollars
- 45% of UK ITDMs said their organizations had been breached in the past
- 35% of UK companies had breaches that together cost millions of dollars
An unexpected result from the survey was how little money it would cost to persuade an IT decision maker to become a hacker. When asked if they would become a hacker for US$2000 or less, 28 per cent of US respondents and 14 per cent of UK respondents said “yes”.
When asked if they could break in anywhere and get away with it, the most popular answers were (US and UK centric):
- The White House
- David Cameron’s private email
- Bill Gates
- My bank
- Papa John’s Pizza
Some 59% of IT decision makers reported sharing credentials with other employees and 52% share access with contractors. There is only one way to keep a secret – don’t tell anyone. Credentials are ‘keys to the IP kingdom’ and are regularly sold for gain. Worst still was that 53% said that it would be somewhat easy for former employees to log in and access data – it can take up to a week or often more to remove their access.
“The real enemy here is lack of concern,” said Centrify chief product officer Bill Mann. “The technology exists, but the will does not. Many companies do not realise this risk until their name is splashed across headlines. Even if a company is not famous, one data leak can bring an entire business to a permanent halt.
“Today’s corporate perimeter has nothing to do with physical headquarters. Data resides in the cloud and on the numerous devices used in the field. It is our hope that Centrify State of the Corporate Perimeter survey findings will convince IT decision makers to take steps now to secure their assets before hackers find holes and exploit them,” he added.