As a millennial, I feel my generation has been defined by technology - I grew up surrounded by it, starting with my first PC at the age of 4. For me (as with many others in my generation), technology has been an integral part of growing up.
We know that historically all users are notoriously bad at maintaining good password hygiene, but in this study from T-Systems , millennials seem to be the worst. They are much more likely to both over-estimate their knowledge while undertaking unsafe practices, such as poor password hygiene and oversharing of sensitive data.
There is always the worry that third-party sites could be compromised, and if a user has the same password for every platform, this could present a serious problem to you and your business.
You have seen in the news this week that the popular image sharing site Imgur had a breach in 2014 exposing the email addresses and passwords of approximately 1.7 million user accounts. The breach is scary, but what is scarier is the T-systems research. It found that when people have their data stolen, 34% still do not change their passwords and only 40% of affected users go on to change their password for other services.
In the survey, generation-Y individuals are also reusing passwords significantly more in the workplace than older generations. As the younger generations rise through the organisation, it means the odds are no longer stacked in your favour.
Protection of privileged credentials should be of utmost importance - after all, you wouldn't publish your domain administrator password on the internet, would you? A quick bit of OSINT gathering (assuming a better than 0% success rate) to find one of your service desk or IT administrator e-mail addresses in a breach database will give an attacker a great insight into perhaps a reused common password, or the structure you use to create your passwords.
Don't leave this to chance; make sure you implement a privileged access management solution that your users will love. Security is fundamental, but adoption is key. Make it much easier with a system that lets users do their jobs faster and easier than they do today, but also supporting the mobility that is expected from a millennial.
For quick look at shoring up your organisation’s security, check out this infographic on the Six Steps to Secure Access.
Karl Lankford, Director, Solutions Engineering
Karl Lankford is the Director, Solutions Engineering, for BeyondTrust and has worked at BeyondTrust for 4 years. He has acquired a wide-range of security experience and knowledge working with companies during the last 10 years across multiple industries and is a regular speaker at industry conferences.