Sharing passwords a cause for concern for IT departments 20 May, 2007 By Vanessa Ho

PromoPipeline Exclusive Channel Promotions Find Out How You Can Make Money Today! ENROLL FREE! >> Factory Direct Should Not be Cheaper William Vanderbilt - Innovative Learning Channels Cloud Ecosystem II: A Candid Conversation with Oracle Beth Vanni - Amazon Consulting Cloud Ecosystem: A Candid Conversation with Rackspace Hosting Beth Vanni - Amazon Consulting Channel Manager Compensation William Vanderbilt - Innovative Learning Channels Financial Expertise William Vanderbilt - Innovative Learning Channels

The study, done in conjunction with the Business Performance Management (BPM) Forum, noted that 73 per cent, out of the 120 IT and security executive who responded to the survey, indicated that password security has become a bigger issue over the last year, and 77 per cent stated that a network data breach could be critical or disastrous to their company.

Respondents said that 25 per cent or more of their employees have access to information that could compromise the company if stolen or exposed and 40 per cent of respondents said that half or more of their employees have access to confidential information with passwords, smart cards or tokens.

However, almost 60 per cent of respondents have said that they have shared their network password with a colleague and 17 per cent had either given out or received someone else's token or smart card.

"As a result, people who are not entitled or not suppose to have access to certain applications might end up getting access to those applications," said Amr Assal, senior product manager from DigitalPersona. "Once you start sharing passwords you really have no way of knowing what could happen," he added.

Assal said that when it comes to security measures, 32 per cent of respondents said they were looking for solutions that combine ease of use and increased productivity.

Biometrics plays a part of that, he added. Of those considering new types of authentication solutions in their company, fingerprint biometrics was the top consideration.

"28 per cent of respondents bought notebooks with fingerprint [authentication] embedded in them. That's the good news. The bad news is 62 per cent said they haven't used it," said Assal.

He added that the reason why biometrics is slow to adopt is IT departments and managers like to have control and want to be able to have enterprise-wide solutions to manage policies and push policies that are consistent, rather than have employees do their own thing.

"What is happening with these notebooks that come with embedded readers is it's a client-only solution with no back-end [and it] doesn't end up being used as much," Assal said.

Cost is another factor why companies have not used biometrics but the growing costs of forgotten passwords is leading companies to consider it so people don't have to remember passwords, he added.

Of the respondents that said they were using their fingerprint systems, the most common uses were secure login to the company network and physical access to facilities.

Assal said that IT executives are still concerned about security issues especially around password management and are looking for the adoption of enterprise-wide biometric solutions to increase.