Quick Job Application

In a rush? Simply drop off your CV by clicking on the button to your right, and we'll get in contact if we have a suitable vacancy.

CV Dropoff

Are Password Managers the Future of IT Security?

In 2004, Microsoft CEO Bill Gates boldly predicted the death of passwords, proclaiming that, “they just don't meet the challenge for anything you really want to secure.”

Fast forward 15 years, and despite Gates’ concerns about IT security, password use has since risen tremendously.

Nevertheless, the IT industry is still concerned about the worldwide reliance on the humble password, with millions invested each year to fund the next breakthrough in security measures.

Does the Facebook cyber security breach prove we need password management software?

Public concern over data security and the demand for more robust measures is on the rise, as high-level cyber breaches become more commonplace in the everyday news cycle.

A recent notable breach came from repeat cyber security offenders Facebook. No strangers to cyber security scandals, the social media giant was exposed for having a ‘glitch’ in their IT system that exposed the account details of up to 600 million Facebook users. More alarming was the fact that user’s passwords were being stored in plain text and searchable by more than 20,000 Facebook employees.

Such a public security breach at such a well-known company sent ripples throughout our well connected modern world, giving rise to the question: how can we make our data more secure?

Many within the IT industry believe that the solution is already available in the form of password management software.

What is a password manager?

'Auto-pilot for all your passwords' - Auto-filled password fields using a password manager
Credit: Lastpass.com

So what are password managers exactly?

A password manager is a software application that stores the login information of various accounts and automatically enters these details into user’s login forms. Because the password management system stores and enters these passwords, they can be long, strong and unique character strings that would be nigh on impossible for users to remember for each individual account (and even harder for others to guess).

What are the benefits of using a password management system?

For the uninitiated, below are a few of the key benefits of using a password manager:

Ability to create unique, long passwords that don’t have to be remembered
No requirement to provide further personal details (biometric data such as face scanning, finger prints or eye-scanning)
Encrypted data
Quicker for users who have to access many services

Cybercrime set to rise to 6 trillion dollars per year

According to a recent report from Cybersecurity Ventures, by 2021 there will be 6 billion Internet users, and the cost of cybercrime is expected to rise to 6 trillion dollars per year.

However, a recent study by PEW Research Centre, revealed that only one in ten online adults use a password manager, and only 3% cite this as their most frequent method of password entry. Similar statistics ring true for passwords used in the workplace, according to a 2019 report conducted by Ponemon Institute LLC, who surveyed 1,761 IT and IT security practitioners in the USA, UK, Germany and France. The report revealed that 63 percent of respondents say it is important to protect passwords on their personal devices, with 66 percent of respondents believe it is important to protect the passwords used in the workplace.

However, 76 percent of security professionals surveyed said that their organisation does not have a password policy or require the use of a password manager, with 51 percent of respondents acknowledge that it is difficult to manage their passwords.

The need for improved password management is clear, but adequate action is not being taken, even amongst professionals. What is the reason for this discord?

Are password managers secure?

Password storage is secure, right? Many believe that not all password managers are secure.

According to a report by the Independent Security Evaluators (ISE), the master passwords to Password Manager Tools such as 1Pasword4 have been known to be stored as plain text in a PC's memory.

This worrying find was condemned by ISE lead researcher, Adrian Bednarek, who said that once the hackers get the master password "its game over".

Bednarek went on to say that, "given the huge user base of people already using password managers, these vulnerabilities will entice hackers to target and steal data from these computers via malware attacks.”

A corporate concern: 70% surveyed share their passwords with colleagues

A 2019 report conducted by The Ponemon Institute LLC, found that many users are relying on easy-to-remember passwords on their company accounts, with almost 70% of those surveyed revealing that they share passwords with colleagues. Combining these figures with the fact that many respondents are reusing an average of 5 passwords, it’s no surprise that businesses are becoming increasingly concerned with their IT security.

Breaches within high-level organisations such as Facebook, who recently revealed that “millions” of users had their passwords compromised, highlight the fact that no one’s data is 100% safe, no matter what backing they have.

The threat is real, no-matter who you are. A multi-billion backing couldn't prevent Facebook's breach
Credit: dailyhunt

Cyber security tips for IT Managers

So what steps can you take to ensure the cyber safety of your organisation?

First Recruitment Group’s IT Business Manager, Kevin Riley, recommends 6 steps to creating a secure environment when it comes to the administration and management of passwords for system owners.

Implement password blacklisting
Protect all passwords (don’t save them as plain text. Use HTTPS)
Encourage the use of reputable encrypted password managers
Help with the generation of secure passwords
Avoid enforcing password expiry. This may lead to bad practice in remembering and storing new passwords

Kevin went on to say that, “IT security is a significant and justified concern in the modern world, on both a personal and professional level. The points above are a good start and offer an effective first line of defence, but in order to be as secure as they can be, all organisation require a tailored approach.

“I have dealt with many clients over the years and have seen first-hand the varied approaches that organisations take. One consistency in successful management of IT security is the hiring of the right minds. A dedicated and qualified team working on IT infrastructure and security can make an immeasurable difference to the safety of an organisation. There is always work to be done, but hopefully, if we all take a proactive approach, we can make the IT world a more secure place.”

Helping businesses find IT Security professionals

To find out more about how we can help you strengthen your IT Infrastructure through quality IT Security professionals, speak to our dedicated IT Business Manager Kevin today calling 01925 907000 or email kevin.riley@firstrg.com

Testimonials

“We have required a number of Quality Assurance/Quality Control candidates within the Nuclear Industry. Since early 2016 First Recruitment Group have provided a number of QA/QC professionals in locations across the UK.

“We have been very pleased with both the quality of supply and the customer service demonstrated and will continue to use their professional services in the future.”

Bureau Veritas

“I have worked with First Recruitment Group as my partner of choice across a number of large and challenging Oil & Gas projects internationally over recent years.

“First are a high performing business who are built on credibility, honesty, expertise.

“As we push the frontiers of projects and move in to more and more challenging and locations, First will continue to be my partner of choice to help us deliver our projects with confidence.”

TechnipFMC

"I have had the pleasure of working with First Recruitment Group over recent years and we have formed a great working relationship. Their understanding of our exacting requirements is outstanding.

"The First team are highly experienced and knowledgeable across the recruitment spectrum and operate in the manner you would expect of a professional outfit of their stature. Their attention to detail and approach is faultless and their commitment and drive has helped our business with unique, complex and difficult recruitment requirements.

"Sarah, our Account Manager, is an incisive thinker as well as hardworking, diligent and reliable and has an extremely helpful and flexible approach to her work. This reflects in her team and with their ability to communicate at all levels in an honest and trusted consultative manner and gives us great faith in their ability to identify candidates who can help us to drive forward and achieve our business goals.

"I have no hesitation in recommending First as a recruitment partner and feel they would be worthy of selection for any engineering or manufacturing business looking for an intelligent and innovative solution."

Nuvia

“There is nothing negative about the service that we’ve received from First. Without fail they have produced positive feedback. The fact that they have placed a diverse range of skills from PA's to Engineers, just goes to show that they have the core skills, intelligence, and initiative that make them great recruiters, and preferred partners.”

Multi-Sector Client

"It’s great to work with a recruitment agency we trust. The team at First Recruitment Group are friendly and straight talking and they continue to provide an excellent service. We’re proud to still be working with them after 20 years."

Simon Carves Engineering Ltd

Read all Testimonials

Help us with our survey

Do you feel the jobs market has picked up?