Deloitte & Touche   Deloitte & Touche
Global > Ireland > News Room > Press Releases    
43% of people reveal computer passwords – Deloitte
Published: 01/11/07
EnterContact: Claire Quinn
Deloitte
PR Executive
+353 87 6825766

Contact: John McGuinness
Murray Consultants
+353 1 498 0361

Survey details serious lack in Security Awareness

Increased emphasis needs to be placed on IT Security Training to safeguard company’s data

Deloitte today launched their latest Information Security Awareness survey, which shows that 43% of respondents revealed their computer password. The survey, which was carried out to gain an understanding of the level of security awareness people have in a professional environment, reveals that organisations need to place increased emphasis on IT security awareness training.

The survey found that although 81% of respondents were aware that their organisation did have a computer usage policy in place, over half of those interviewed did not receive any IT security awareness training. Of those that did receive training, 42% still revealed their passwords.

Commenting on the results of the survey, Colm McDonnell, Partner, Enterprise Risk Services, Deloitte said: “This is a worrying trend for organisations as it certainly highlights the need for not only increased IT security awareness training, but also more effective training. Passwords are the key to a wealth of information stored on a company’s network. Many respondents not only divulged their computer password but also their own name and the name of the organisation they work for. With this information it is possible to hack into areas assigned to the individual and also into more sensitive areas of a company’s network.”

The survey also investigated how people chose their password. 41% of respondents chose a familiar name (i.e. own name, pet, close relative).

On a positive note, 84% of respondents use a mix of words, numbers and characters and 85% of people change their passwords on a regular basis - or at least when prompted. However, although good password changing and complexity policies are enforced, 61% of people who change their passwords on a monthly basis use the same password with a slight variation. This does increase the risk of forced hacking attacks or other security breaches.

McDonnell continued, “Every member of an organisation needs to understand their role in safeguarding the company’s data. The lack of security awareness that this survey shows, coupled with the increasing sophistication of threats posed means that companies must continually invest in improving their posture through the use of security technologies available and additional security training. Usernames and passwords are no longer sufficient - two factor authentication is the very minimum required now.”

Companies and individuals should take greater care to ensure that passwords and other security related information is protected. 

As a guideline, a strong password should comprise of the following characteristics:

  • More than 6-8 characters long;
  • Combinations of letters, words and symbols;
  • Avoid using familiar names / easy to guest passwords;
  • Avoid dictionary words; and
  • Avoid using sequence of letters (e.g. 12345).

Individuals should be educated to ensure that they:

  • Do not display or store passwords online;
  • Use more that 1 password for different applications and logins;
  • Do not reveal a password to anyone especially not over e-mail;
  • Change passwords on a regular basis; and
  • If you think your password might be compromised, change your password immediately.

About the survey

A total number of 101 people were interviewed of whom only one person does not use a computer.  The total population therefore used in the survey results comprised of 100 people, including 43 males and 57 females.  66% of people interviewed were between the ages of 24-35.  The population consisted of people working in the Finance, Technology, Government, Banking, Insurance, Architecture, Law, Retail, Telecoms and Education industries.

About Deloitte 

Deloitte Ireland is a world-class firm of expert business advisers, serving senior business leaders who are seeking to protect and create value in a complex, dynamic environment. Our objective is to help our clients succeed by anticipating tomorrow’s agenda with focused, insightful and fresh thinking borne out of our multidisciplinary strengths. We draw upon our specialist skills in audit, tax, consulting and financial advisory both within Ireland and across the Deloitte worldwide network. 

What’s different about Deloitte is our people, who focus on building long-term relationships and are determined to deliver measurable value for our clients’ business. With over 1,000 people in Dublin, Cork and Limerick Deloitte is known as an employer of choice for our innovative human resources programmes and is dedicated to helping our clients and our people excel.

'Deloitte' refers to Deloitte & Touche and any associated partnerships and companies established under the laws of Ireland. Deloitte is the Irish member firm of Deloitte Touche Tohmatsu. For more information, please visit the Irish member firm’s website at www.deloitte.com/ie.
# # #
Contact us for more information about this topic.
 
Page Last Updated: 01 November 2007
Source: Deloitte & Touche - Ireland (English)

Print This Page    Email To A Colleague
  Security | Legal | Privacy    

© 2008 Deloitte & Touche, Ireland. All rights reserved.

Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity.  Please see www.deloitte.com/ie/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms.

Best companies to work for 2008
Best Workplaces in Europe 2008    Best Student Marketing Campaign 2008 - GradIreland Awards     Subscribe to RSS:
Deloitte Ireland news 
What is this?      

Bookmark