https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Security Roundup

Security Roundup: World Password Day, Qualys, Infosec, Innovation via Aquisition

  • Written by Edward Gately
  • May 2, 2019
IT professionals at U.S. companies waste 2.5 months a year resetting internal passwords.

It’s World Password Day, do you know if your passwords are strong enough to keep cybercriminals at bay?

OneLogin conducted a study of more than 300 IT decision-makers across the United States and found that IT leaders are putting business data at risk by not effectively managing employees’ passwords. Despite the fact that 91% report they have company guidelines in place around password complexity and 92% believe their current password protection measures and guidelines provide adequate protection for their business, the results suggest there is still more work to be done.

Key findings include:

  • IT professionals at U.S. companies waste 2.5 months a year resetting internal passwords.
  • 65% of respondents don’t check employee passwords against common password lists and 76% don’t check employee passwords against password complexity algorithms.
  • 63% don’t require special characters or minimum length.
  • 71% of corporate passwords don’t require numbers and 72% don’t require upper or lower case differentiators.
  • 63% percent have not implemented password rotation policies
OneLogin's Thomas Pedersen

OneLogin’s Thomas Pedersen

Thomas Pedersen, OneLogin’s CTO, tells us most companies simply don’t have sufficient password hygiene practices to properly protect themselves.

“Certainly, security providers will see these statistics as a great opportunity, but it is important for companies to be careful about which partners they choose to work with,” he said. “A powerful platform is essential, but it’s also important to find a simple solution that will be easily embraced across the enterprise.”

Cybercriminals are always looking for the quick score, and it is a “virtual certainty” that every company without quality password protection will be compromised at some point, especially as the pace of business speeds up and the tech stack becomes increasingly complex, Pedersen said. The ramifications of a serious breach generally trend toward catastrophic in terms of lost and compromised data, he said.

“Companies that want to protect themselves against password theft must deploy multifactor authentication (MFA) and single sign-on,” he said. “MFA will ensure that a criminal cannot get access with a password alone and single sign-on will completely eliminate passwords from a larger number of applications. These solutions are available off the shelf from a number of cloud vendors and can be deployed in a matter of days without any specialized security personnel. There really is no excuse at this point.”

Malicious hackers are improving their tactics faster than enterprises are stepping up their security game, Pedersen said, adding that implementing better password practices alone does not solve the problem.

“The IT department in most companies only has visibility of a small part of the cloud apps being used, and that’s the blind spot to focus on,” he said. “Only by implementing a companywide identity and access management initiative in collaboration with the end users can companies hope to protect themselves against password-related breaches.”

To commemorate World Password Day, the Cyber Threat Alliance (CTA) released its joint analysis on securing edge devices, including research from Sophos, that reaffirms the importance of improving password strength and management.

Andrew Brandt, Sophos principal researcher, tells us the message of World Password Day appears to be that passwords are an inadequate means to protect sensitive data and that people should adopt two-factor (or multifactor) authentication more broadly across society and not just in workplace or enterprise environments.

“While that’s a laudable goal and worthy of the effort to push people that way, a lot of our research focused on a variety of devices that, inherently, do not allow for a two-factor authentication method at all,” he said. “There is no way, for example, to enable MFA on a …

  • Page 1
  • Page 2
  • Page 3
Tags: MSPs Business of Security Cloud and Edge Endpoint MSSP Insider Training and Policies

Related


  • Cloud security
    IT Facing Major Security Issues, But Cloud Security May Be Most Immense
    A number of reports point to security problems within client environments, but cloud could be the biggest.
  • Threats
    Despite SIEM Software Adoption, Threat Coverage Comes Up Short
    Enterprise SIEMs are unprepared for 84% of certain tactics and techniques.
  • Unveil
    Secureworks Debuts New MSSP Partner Track, Analytics Platform
    The MSSP track focuses on what's required to provide managed cybersecurity services.
  • Unemployment benefits application
    Cybercriminals Now Targeting Unemployment Benefit Claims
    More than 1 million Washington residents who filed for unemployment had their personal information stolen.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Financial Sector Cyberattacks Rising with Bad Actors Raking in the Dough
  • Untangle Research: Breach Headlines to Prompt Increased Cybersecurity Spending
  • As Threats Soar, Biden Administration, CompTIA Prioritize Cybersecurity
  • Despite Drop in Data Breaches, Exposed Records Jump in 2020

Galleries

View all

Threat Protection Vendors: Why MSSPs Have to Ramp Up Efforts Right Now

February 23, 2021

Industry Perspectives

View all

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

SASE: The Key to Mitigating Business Transformation Risk

February 22, 2021

Public Sector IT Funding Outlook for 2021–and What It Means for Our Reseller Partners

February 18, 2021

Webinars

View all

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

In Case of Emergency: The Importance of Proactive Critical Event Management

February 23, 2021
  • 1

White Papers

View all

Kaspersky Endpoint Detection and Response Optimum

February 19, 2021

Product Brief: Kaseya VSA Integrated Workflows with BMS and IT Glue

January 26, 2021

Why Subscription Business Model

January 15, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@BlackBerry report shows rise in hacker-for-hire groups targeting #MSSPs. dlvr.it/RtQjD9 https://t.co/VYr5cEXCCm

February 25, 2021
ChannelFutures

.@PTsecurity_UK discovers #vulnerabilities in @VMware vCenter server. dlvr.it/RtQjD5 https://t.co/WQbn5SJdFL

February 25, 2021
ChannelFutures

Take #supplychainsecurity to the next level. @Sophos #MSP #MSSP #ransomware #cybersecurity #managedservice… twitter.com/i/web/status/1…

February 25, 2021
ChannelFutures

[email protected]_inc rolls out first partner program. #securityanalytics dlvr.it/RtQhlW https://t.co/c1Xhxaf3qr

February 25, 2021
ChannelFutures

.@AteraCloud receives $25 million investment to help more #MSPs, IT pros. dlvr.it/RtPbBG https://t.co/UxHqhrUKgx

February 24, 2021
ChannelFutures

.@Infoblox rolls out new #Cloud Specialization program to increase partners' #SaaS sales. dlvr.it/RtPb7f https://t.co/CmZTwYiv1u

February 24, 2021
ChannelFutures

RT @Channel_Expo: ⏱️ Time is ticking to save on your pass to #CPVirtual next week...View all pass options and secure your virtual seat by F…

February 24, 2021
ChannelFutures

The new @Commvault #EMEA channel exec will focus attention on alliances, cloud and simplifying and expanding partne… twitter.com/i/web/status/1…

February 24, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X