I am on a lot of privacy and security list-serves and keep up with surveys relating to data privacy and security. I was most distressed this week to download SailPoint’s 2016 Market Pulse Survey. Not that it isn’t well done—no—it is quite well done. But the results are really distressing.
The title of the survey is “2016 Market Pulse Survey: Weak Security Practices Leave Organizations Exposed.” Isn’t that the truth. You can download the survey if you give them your contact information so they can send you marketing materials.
The survey outlines what most of us know: employees continue to be one of the biggest risks to company’s data security. Specifically, the report concludes that:
- “Poor password hygiene and negligence continue to plague the enterprise”
- “Data breaches became personal”
- “Organizations are struggling to keep up, and are exposed in the meantime.”
The most distressing conclusion? “One in five employees would sell their passwords to an outsider.” And they will sell it for peanuts. 44% of U.S. employees indicated that they would sell their passwords for less than $1,000. SailPoint says “Even more concerning? Some would sell their corporate credentials for less than $100.”
This, despite the fact that 84% of U.S. employees surveyed are concerned that their sensitive information is being shared with others. Apparently they have every right to be concerned when co-workers are so willing to sell their corporate credentials.
Newsflash to those employees so willing to take cash for corporate credentials—when you give your credentials to someone else, THEY HAVE ACCESS TO AND ARE STEALING YOUR INFORMATION TOO. If you are so concerned about your own information, then keep those credentials secure. And by the way—think about your co-workers and the loss of their data because you sold the keys to the server.
Please. Keep your day job and protect your information, your co-workers’ information, and your company’s information. It’s just not worth the $100.