Cybersecurity ‘what if’ scenarios: what would you do?

Do you think about your digital identity? Many of us are at least somewhat in tune to our reputations –  how we look, how we feel and what is happening in our social circles. However, the extension of ourselves in today’s digital world is not as material as the ways we often think of when we hear the word “identity.”

Yet, our digital identity is one of the most impactful parts of us. We house so much of ourselves online. Whether it is at work or at home, our digital identities are at the centre of modern society.

In honour of Cybersecurity Awareness Month, SailPoint surveyed 400 IT leaders and asked them if they are worried about their digital identity getting stolen. And to counter that, what types of risky behaviours are they engaging in that put their identities (or others’) at risk? Here is what we found.

Not surprisingly, people are worried about their digital identities getting stolen. In fact, 65% of the respondents to our survey said they are “really worried” about it.

However, when asked about some of their habits and what they would do in certain situations, it shows the clear disconnect between our actions and what we should be doing.

What’s the Password?

1/5 of respondents repeat passwords across work and personal accounts, and 13% would share their password with a co-worker. We should not need to point out why these are bad habits, yet poor password hygiene continues to be the metaphorical thorn in security’s side.

Sharing or reusing credentials is potentially even more damaging to organisations when it comes to IT professionals because they likely have more access than the average user. But honestly, risk exists with any user. The doors these habits open for malicious actors to get in are numerous, and once they are in, the potential for the domino effect to occur is very likely. Your password should not be a skeleton key for your digital life.

Just a Peek

You run across a sticky note on your boss’ desk with passwords listed out. Would you take it? Shockingly, 1 in 10 respondents said they would steal their boss’s sticky note of passwords, which is concerning since they know the damage that could be done with those passwords. Higher level people also tend to have access to sensitive data (think customer contact lists, as just one example), which continues to be a primary target for hackers, for obvious reason.

Similarly, would you take office supplies from work to your home? Most people would probably consider that theft, yet 16% of respondents say they would email sensitive company data or files to their personal email.

 That data likely has much higher value than some post-it notes and pens. Whatever the reasoning is, emailing data between work and personal accounts is exposing that data whether you mean to or not.

Opening Doors

There is more than one way to expose sensitive data, and it is not always a digital pathway that gets someone there. How many times have you let someone tailgate you at the office without knowing for sure if they work with you, or allowed a guest borrow your badge to do something like run to their car or go to the bathroom? 20% of people said they would share their building access badge with someone. By doing this, one unlocked device left unattended becomes much more accessible.

Ultimately, nobody is infallible. We all succumb to convenience and curiosity, but there is little wiggle room when talking about leaving our digital identities exposed.  When you give a malicious hacker an inch, they will run laps around your accounts, data and devices.

The inaugural Data Protection World Forum (DPWF) was held on November 20th & 21st 2018 at the ExCeL London and welcomed over 3,000 delegates seeking the very latest insight on data protection and privacy.

Pre-registration for DPWF 2019 will be opening in the coming weeks.