Password Protection

Many IT professionals are not keen on changing their enterprise passwords and lack a fundamental understanding of IT security awareness, particularly in the areas of password control and privileged logins.

Federal Computer Week reports on a recent survey of more than 300 IT professionals by Lieberman Software that found 48 percent of respondents have worked for organizations whose network has been breached by a hacker. Forty-two percent of IT professionals surveyed said they work in organizations where IT staff share passwords or access to systems or applications, and 51 percent said they have ten or more passwords to remember at work.

In addition, 26 percent of respondents said they know an IT staff member who has abused a privileged login to access sensitive information. Forty-eight percent of IT pros surveyed also said they work at companies that do not change their privileged passwords within 90 days, the survey found.

Lieberman, which offers identity management software, obviously had a motive in performing the study. But the survey suggests that the lack of password security could be the root cause for the hacking spike and could set the stage for future data breaches in 2012.

"This survey shows that despite the huge number of frequent data breaches, over the past twelve months senior management in many organizations have not yet grasped the fundamentals of IT security," said Phillip Lieberman, president and CEO of Lieberman Software. "In fact they are actively paving the way for more and bigger disasters."

Can you identify with some or all of the survey results? How many passwords must you remember at work?