May 4, 2023
By Anand Ramanathan - Chief Product Officer, Skyhigh Security
World Password Day is meant to remind us about best cyber hygiene practices, encourage us to take a more proactive approach to improving our passwords, and promote a culture in security for us all.
However, it now also serves as an additional reminder: the era of passwords keeping threat actors at bay has come to an end, and organizations are pivoting to advanced security measures to keep up with the increasingly sophisticated attackers ever-looming on the web. The fact is that data is everywhere — the cloud, web, email, and private apps — and so it needs to be protected everywhere. Usernames and passwords alone no longer make the cut.
According to our recent global research survey, The Data Dilemma: Cloud Adoption and Risk Report, 26% of network passwords are stored in public cloud services. Why is this a problem? Well, the report also found that 75% of organizations have experienced a cybersecurity breach, threat, and/or theft of data. This is a reminder that organizations must improve their data security and adopt more secure processes.
On World Password Day, we take the opportunity to shed light on a few steps organizations can take to combat today’s evolving threat landscape, as our daily use of passwords will likely not go away anytime soon. Multi-factor authentication is a tried-and-true solution that is easy to implement and adds a thick layer of defense when it comes to protecting data..
Better still, organizations that adopt Zero Trust principles are increasingly more protected against sophisticated threats. Just because a user has valid login keys does not automatically mean they are authorized and/or not a threat. Skyhigh Security’s Zero Trust Network Access (ZTNA) solution, for example, allows “least privilege” access to specific applications, so that the attack surface is reduced and lateral movement of cybercriminals from compromised accounts is prevented. That way, even if a password is stolen or an account is compromised, any potential damage is significantly limited.
However, these solutions do not allow us to be negligent after their implementation. In order to truly protect data from anywhere, any application, and any device, we must all remain vigilant in our efforts – even after World Password Day.
Back to Blogs