Research suggests lax password management could be costly

According to Lieberman Software's Password 2011 survey, inconsistent policies and managerial apathy may be jeopardizing the security of corporate networks.

Among the more than 300 international IT professionals responding to the survey, approximately half have worked for an organization that fell victim to hackers. The research findings suggested that inadequate password management may have been the root cause of these network breaches.

More than half of survey respondents indicated that they had to manage 10 or more passwords for work purposes, and four in 10 reported sharing passwords within the IT department. Additionally, 48 percent of responding IT professionals suggested that their organizations do not change privileged passwords at least once every 90 days and are likely in violation of regulatory compliance mandates.

"Password anarchy among the IT staff at major organizations is mirrored by password apathy at the top of the management hierarchy, where senior management seem almost criminally lax in the enforcement of IT security policies," Lieberman Software CEO Phillip Lieberman explained.

To avoid costly data breaches and regulatory fines, report authors suggested that IT departments shore up their security fundamentals with technical solutions such as password manager software in combination with explicit policy guidelines.