New LastPass Benchmark Report Finds Nearly 50 Percent of Businesses Have Yet to Take Control of Password Security
October 01 2018 - 9:05AM
LastPass by LogMeIn, a leader in password management, today
released the first annual, “2018 Global Password Security Report,”
revealing true password behaviors in the workplace and creating a
benchmark that businesses can use to measure progress when
investing in password security tools. The global report, which
analyzed anonymized data in over 43,000 companies of all sizes,
industries, and geographies using LastPass as their business
password manager, draws a precise picture of password management
for the business IT community. Two benchmark scores are highlighted
in the report: The LastPass Security Score and the LastPass
Password Strength Score1.
Released on the first day of National Cybersecurity Awareness
Month (NCSAM), data from the report reveals that while businesses
are making strides in strengthening password security, there’s more
work to be done –with the average password security score of
organizations found to be 52 out of 100.
“Security professionals often fail to consider the value of the
first factor of enterprise authentication— the password. Despite
the sophisticated security measures enterprises are putting in
place, something as fundamentally simple as a password is tripping
them up,” said Frank Dickson, Research Vice President, Security
Products at IDC. “Having a security benchmark such as what LastPass
has provided with this report will help enterprises quantify their
password risk, compare how they stack up to enterprises of similar
size, and gauge the effectiveness of their enterprise password
management deployment.”
Additional key findings include:
- The bigger the company, the lower the security score on
averageOrganizations with less than 25 employees had the
highest average security score of 50, and the average drops as the
company size increases. More employees bring more passwords and
unsanctioned apps, as well as extra opportunities for dangerous
password behaviors. In larger organizations, it’s simply more
challenging for IT to hold all employees to password security
standards.
- Investing in an enterprise password management tool is
moving the needleWithin the first year of investing in a
password management tool, such as LastPass, a business gains nearly
15 security points. This represents a significant improvement in
the company’s security posture over time and is a tangible metric
to validate the investment.
- Password sharing is prevalent in the
workplaceOn average, the report data shows that any given
employee now shares six passwords with coworkers. As teams become
more distributed and technology-dependent, the ability to protect,
track and audit shared passwords is more important than ever.
- Technology industry is leading the pack in password
securityThe highest average security scores are in the
Technology industry (53). This is not surprising due to the
privacy and data laws with which most must comply. What is
surprising, is that heavily-regulated industries like Banking,
Health, Insurance and Government are not achieving comparable (or
even superior) average Security Scores.
- Multi-factor authentication is gaining in
popularityAs concerns about password security grow,
multi-factor authentication is an increasingly-favored way to
protect an organization. 45 percent of businesses use multi-factor
authentication, which represents a significant increase from last
year’s 24.5 percent. Again, the Technology sector lead the pack
with 31 percent adopting multi-factor authentication. Whether it’s
a greater awareness of available options or a stronger culture
of security, organizations in the Technology sector are
prioritizing extra protection.
“Passwords continue to be a challenge to cybersecurity in the
workplace, and attacks continue to grow in number and complexity
every year. Despite these threats, businesses have struggled to
quantify their own level of password risk,” said Gerald Beuchelt,
Chief Information Security Officer at LogMeIn. “This report offers
fellow information security managers a tool to compare their own
company’s password scores with a large sample of peers and
competitors. In turn, security departments are now better equipped
to identify the gaps in their security program and measure progress
when investing in password security.”
Resources
- Full report
- Infographic
- Blog post
- October 18th webinar
Report Methodology LastPass anonymized and
aggregated data from more than 43,000 organizations who use
LastPass as their business password manager. Much like The LastPass
Password Exposé, this report represents organizations of all types
and sizes across nearly every industry. Compared to that report,
the data set has grown significantly and allows us to draw a more
precise picture of password management. Though the data only
reflects LastPass users, we’ve broadened our conclusions for the
business IT community at large.
About LastPass LastPass is an award-winning
password manager helping millions organize and protect their online
lives, at home and at work. For businesses of all sizes, LastPass
provides secure password storage and centralized admin oversight to
reduce the risk of data breaches and remove password obstacles for
employees. With customizable policies, secure password sharing, and
comprehensive user management, LastPass gives IT the tools to
strengthen password hygiene across the organization. For more
information, visit https://lastpass.com.
LastPass is a trademark of LogMeIn in the U.S. and other
countries.
About LogMeIn, Inc. LogMeIn,
Inc. (Nasdaq: LOGM) simplifies how people connect with each
other and the world around them to drive meaningful interactions,
deepen relationships, and create better outcomes for individuals
and businesses. One of the world’s top 10 public SaaS companies,
and a market leader in communication & conferencing, identity
& access, and customer engagement & support
solutions, LogMeIn has millions of customers spanning
virtually every country across the globe. LogMeIn is
headquartered in Boston with additional locations
in North and South
America, Europe, Asia and Australia.
Media Contact: Lauren Van Dam
press@lastpass.com 781-897-1328
1 The LastPass Password Strength Score evaluates the combined,
averaged password strength of all passwords stored in the user’s
vault. The LastPass Security Score builds on the Password Strength
Score to evaluate whether passwords are duplicated, vulnerable or
otherwise weak. The score also considers multifactor authentication
usage and other security settings, to show the complete picture of
password security for an individual user.
LogMeIn (NASDAQ:LOGM)
Historical Stock Chart
From Jun 2024 to Jul 2024
LogMeIn (NASDAQ:LOGM)
Historical Stock Chart
From Jul 2023 to Jul 2024