What Does It Matter If Everyone Is Hacked?

A recent post over at Sophos’ Naked Security blog points to a study claiming that almost half of all American adults have had their personal data hacked in the last year. While the study seems to be flawed and plagued with some “interesting” assumptions, it does raise some pertinent questions.


The most fundamental element of most corporate security is the username and password. And we know that many people use the same password for many services. Even if your users aren’t using the same credentials on their personal services as their business accounts, if their personal details are accessible to hackers, then it might be possible to use that information to infiltrate your network.

It’s easy to focus on the recent hacks at Target and eBay, as well as others in the past with Evernote and LinkedIn, as being purely about credit cards and social media credentials. The trouble is, passwords are generally pretty hard to remember, so users resort to tactics such as password reuse or making passwords out of personal information that’s easy to recall.

What’s the answer?

Two-factor authentication is becoming increasingly common and better understood by users, as parties like banks, Google and Apple employ different forms of it for their systems. That offers a path forward.

While two-factor might be inconvenient or too expensive to employ for all user accounts, it might be worth considering for high-risk accounts such as system administrators.

The new way of looking at security is not to put all your eggs in the prevention basket but to consider the points of risk and focus on mitigation. That might mean assuming that every user account either has already been hacked or will be if you continue using traditional username/password authentication.

‘Half of American adults hacked’ in the past year – really? [Naked Security]

