Intelligent CISO Issue 17 | Page 64

Organisations need to work harder than ever to close the gap; and implementing flexible working policies is one way to get ahead of the game. varying degrees of success; however, there are challenges that are being overlooked. The main concerns revolve around security, with many worried about how remote workers can access sensitive company data, while maintaining a secure and safe environment. With cyberattacks reported to have cost UK businesses £300 billion (US$370 billion) in 2018, it can be a colossal challenge for IT departments to ensure that users who are logging in remotely are doing so securely. What is the threat? With 80% of security breaches involving the abuse and 64 misuse of privileged credentials, the threat is passwords. Everyone is raising the alarm about weak passwords and encouraging the use of more complex ones as an easy form of defence. However, complex passwords can often cause more havoc than simple ones. Imagine your IT department requires you to change your password every 30 days, it must have one uppercase letter, one number and contain one special character. There is no way the average person is going to remember a new password every month. So what happens? Users write their passwords down, email it to themselves, keep it in a spreadsheet, or, simply forget their password and request a reset – the most frustrating outcome for those working on IT help desks. A single user may have anywhere from 20 to 200 passwords across dozens of enterprise-level applications, accessing secure information from various devices including laptops and smartphones. In order to keep the remote working train moving, we need to ensure every worker is logging on to company networks safely and securely. One solution to this problem is implementing a single sign-on (SSO) system that integrates multi-factor Issue 17 | www.intelligentciso.com