World Password Day: Interview with Thomas Malchar on IT Security 2019
Mr Malchar, at the beginning of the year, another data theft shook us once again, albeit on a gigantic scale: 773 million e-mail addresses and 21 million passwords were hacked under the title Collection#1. How do you assess the causes of this current threat?
One thing is certain: The number and complexity of cybercrime and hacker attacks have increased significantly in recent years. The dangers are as varied as they are numerous and range from potential security gaps through cloud computing and the mobile workforce concept up to social engineering and the classic form of weak passwords.
Companies as well as private individuals still offer too many weak points, which often make it almost frighteningly easy for attackers to gain access to sensitive data. Especially with Collection#1, so many passwords could be uncovered in plain text, because many users still use the same combinations of e-mail addresses and passwords for several services.
According to the BSI, the threat situation for digital data has reached a new high.1 What role does user behaviour play in this?
The security requirements for the user have risen significantly: The number of websites, apps and thus accesses and accounts per user continues to rise. Managing these securely is almost a mammoth task for the individual.
As the requirements for a strong password increase, users remember only one to three passwords and use them for multiple applications. Or they use Excel lists, Post-its and Co. instead of a password manager. This can have different reasons like ignorance, but also unfortunately laziness or a lack of alternatives. By the way: The most popular password in 2018 was "123456".
What mistakes do companies make when dealing with IT security?
In the digital age, companies want to make data access as easy as possible for their employees and business partners. To do this, companies often prefer to accept security gaps rather than dealing with complex software or employee complaints. The mistake is often made to combine different services instead of a holistic security concept, thereby unnecessarily complicating the security situation.
Furthermore, employees are not sufficiently trained in the new system landscape or even integrated. The result of this behavior can be measured in figures: The estimated costs incurred by companies in 2018 as a result of cybercrime incidents have increased from 20 to over 27 million US dollars in the US alone, compared to the previous year.2
What would you advise companies to do?
Speaking of the Human Security Gap: To what extent do employees pose a risk to companies?
Last but not least: How does Password Safe adapt to the growing security threats?
Thanks to our in-depth technical expertise, Password Safe has the necessary functionalities to offer a dynamic security solution that meets the needs of companies of various sizes. Because what makes our software special is the variety of functionalities. Password Safe can be tailored to any company in four available editions – in all industries, from start-ups to large corporations.
Sources:
1 Cf. Federal Office for Information Security, Management Report 2018
2 Cf. Statista, Survey 2018
MATESO is a leading German IT company and developer of the password management solution Password Safe. Since 2006, MATESO has been widely recognized as one of the most successful brands in the German-speaking DACH region. Password Safe is now distributed globally through its worldwide network of certified partners.
(So) Much more than a simple Password Manager: MATESO’s software consists of an integrative enterprise management system. Password Safe securely transfers privileged passwords and accounts into the Password Life Cycle where they are saved and monitored constantly. The high security standards are regularly proven by external penetration tests.
The diverse functions and features like single sign-on or role-based access control create the unique and customizable Password Safe structure. Furthermore, this is supported by multi-factor authentication systems. Needless to say, the software complies with all legal requirements due to logs, session recordings, the exclusion of backdoors and many more. As a result, this makes Password Safe the ideal software for every company. The software ranges from an Essential Edition for small businesses to an Enterprise Plus Edition that can be highly scaled worldwide.
Owed to its leading edge in both technology and know-how, renowned references have come to rely on MATESO for securing their critical data. Today, Password Safe already applies to more than 10,000 companies, including 19 of the Top 30 DAX companies and several million users around the world.
MATESO GmbH
Daimlerstraße 15
86356 Neusäß
Phone: +49 (821) 80830810
Fax: +49 (821) 747787-11
http://www.passwordsafe.de
Marketing
Phone: +49 (821) 74778756
Fax: +49 (821) 747787-11
Email: kristina.brunner@mateso.de
        

