1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

OpenVPN explains just how bad employees are at maintaining corporate security

By Greg S ยท 7 replies
Jun 18, 2018
Post New Reply
  1. Every week that goes by more headlines of hacks and data breaches are surfacing. In a recent study conducted by OpenVPN, a number of bad habits have been revealed. Although the results are unsurprising, it should come as a reminder to use best practices for security and maybe consider listening to the IT department once in awhile.

    Out of the 500 full-time US employees, 25 percent admitted to using the same password for nearly everything. Once one database or website is hacked, malicious entities will attempt to use recovered credentials on other sites and businesses knowing full well that many users have poor habits.

    When clicking links, 23 percent of employees stated that they did not bother to check where the destination site was before proceeding. In my opinion, this actually seems quite low. Phishing and social engineering attacks using deceptive links in legitimate looking emails have become a highly effective vector for gaining entry.

    One countermeasure to weak passwords and widespread reuse is adopting biometric authentication. Having a software tool to securely store a variety of complex passwords that meet minimum criteria removes the need to remember dozens of phrases with no easily readable form. Over 77 percent of employees believe biometric options are safe to use and 62 percent think that they are better than traditional passwords.

    Despite the high levels of trust with biometric options, only 55 percent of the surveyed employees are using technologies such as fingerprint scanning and facial recognition. It should be noted that some corporations do not allow for the use of biometric options for authentication.

    In order to better combat cyber threats, employees must be properly trained and be able to recognize the signs of potential attacks. Regular training sessions are often unexciting and can be a drag to sit through for those even remotely tech savvy. OpenVPN has found that offering incentives for reporting obvious red flags can keep employees more engaged and less likely to fall into bad habits.

    Just as you should wash your hands after certain activities, cyber hygiene is the concept of following best practices to maintain a secure environment for electronics. Preventing infections requires good habits all the time. Even with proper protocols in place, it is difficult to fight against still unknown threats.

    Permalink to story.

     
  2. Jamlad

    Jamlad TS Maniac Posts: 173   +159

    Biometrics is an awful idea.

    Compromised passwords can be changed. Fingerprints cannot.
     
    Lionvibez and jobeard like this.
  3. jobeard

    jobeard TS Ambassador Posts: 12,368   +1,390

    Also fingerprints / retina scans are hard to fake in the first place.
     
  4. Lionvibez

    Lionvibez TS Evangelist Posts: 1,410   +569

    For retina scans yes.

    However for fingerprints they can be lifted from items you have touched.

    Example you go to the food court for lunch and get a big mac combo. All I had to do is wait for you to throw that drink out in the garbage which your prints are all over.

     
  5. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,616   +1,099

    Then you need to cross your fingers that the one you are picking up from a trash can is the actual drink and you are set for life...
     
  6. jobeard

    jobeard TS Ambassador Posts: 12,368   +1,390

    Technically correct, but with 100-->1000s in that bin . . . lots of luck finding the one needed
     
  7. Lionvibez

    Lionvibez TS Evangelist Posts: 1,410   +569

    Guys I mean actually being in the food court and lurking.

    So I will be there long enough to know what can and when you did it.

    I'm not talking about waiting until the end of the night to go retrieve it.
     
  8. waterytowers

    waterytowers TS Booster Posts: 112   +17


    Yep finger prints not so good. If I was going to make something secure and identify the right person before giving access I would not use finger prints. You need something that can't be copied easily and preferably the identity/code can be changed.
     
    Lionvibez likes this.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...