Centrify, a leading provider of Identity-Centric Privileged Access Management solutions, announced the results of an onsite ballot conducted at RSA Conference 2020, held last week in San Francisco. The survey asked conference attendees about their cyber hygiene habits at work to determine how much of a threat they posed to their organizations general cybersecurity, finally revealing that workers themselves pose the largest threat.

Nearly 60% of respondents correctly identified employees as the largest threat to their organization's security, followed by hackers (23%) and third-party vendors/partners (18%).

Additional ballot findings similarly validated why workers pose a cybersecurity threat in the first place:

40% of respondents have tried to bypass a corporate security policy at work
Nearly 1 in 4 respondents (23%) use the same passwords for work and personal accounts, defying enterprise first-class practices
More than 1 in 5 respondents (21%) still store passwords on their phone, computer, or in printed document, violating industry best practices

81% of hacking-related breaches leverage stolen and/or weak passwords, in accordance to Verizons Data Breach Investigations Report. All it takes is one worker using a weak password to open the doors, stated Torsten George, Cybersecurity Evangelist at Centrify. Thats why each and every organization must implement frequent password changes and use single sign-on (SSO), and privileged credentials should be saved in a password vault.

On a positive note, the ballot also revealed that less than 15% of respondents stated having beforehand shared their work login credentials or used someone elses login credentials at work.

The poll results illustrate that every worker has an essential function to play when it comes to protecting their organizations from cybersecurity threats. Simple best practices to assist minimize the risk of being compromised include:

Make Your Password as Strong as Possible: Passwords must incorporate a mixture of upper and lowercase letters, numbers, and unique characters. Using a password manager will assist create long, hard passwords and manipulate them for you. In the case of a regarded data breach, change your password immediately. Passwords for privileged accounts must be rotated each and every time they are checked back into a password vault.

Implement MFA on All Accounts: Multi-factor authentication (MFA) requires users to confirm their identity with another factor rather than just a username and password, including an extra layer of security. Centrify also announced help for passwordless authentication using biometrics, such as Windows Hello and Apples Face ID and Touch ID.

Dont Take the Phish Bait: Its not always emails that are used to hook you, its more and more text messages and other messaging platforms. The first step in stopping phishing attacks is training employees to recognize, avoid and report any suspicious emails or messages, and conducting periodic simulations of phishing attacks. Vigilance is still the best defense.