Passwords are broken: Centrify executive

With an estimated 63% of data breaches involving weak and stolen passwords, a Centrify executive believes it is time to rethink security.

David McNeely, Centrify’s vice president of product strategy, is visiting Australia to attend the Gartner risk management summit in Sydney this week.

McNeely said there is growing awareness among businesses that “passwords are broken and users have too much access and privilege”, and there are sentiments that staying with the status quo is not viable.

He noted that Verizon’s latest Data Breach Investigations Report found that 63% of confirmed data breaches involve weak, default or stolen passwords, while Centrify’s own research has found that 52% of employees sometimes share their access credentials with contractors and vendors.

“For organisations to reduce the risks created by hybrid IT infrastructures, they need to move from a position of having too many passwords and too much privilege for users to a situation where all privileged access is logged and monitored as a standard procedure,” he said.

“Essential steps in this migration include reducing identity silos so that users only need to remember their network identity and killing off passwords by demanding single sign-on (SSO) from vendors and developers.”

Gartner estimates that Australian organisations will spend around $114.6 million on identity and access management technologies this year.

Image courtesy of Automobile Italia under CC