Americans Underprioritize Digital Security of Their Employers, Fail to Take Proper Steps to Protect Themselves, 4iQ Survey Finds

LOS ALTOS, Calif., Oct. 23, 2018 /PRNewswire/ -- 4iQ, a leader in identity threat intelligence, today released the results of its "Password Security and Data Privacy 2018," providing insight into what Americans worry about when it comes to their digital identity. But what is most notable in these findings is the extent to which Americans deprioritized securing their work email, putting themselves and their employers at risk. It's likely they do not realize everything at risk. Work emails often give cybercriminals access not only to emails, but also from confidential business information like contracts, intellectual property, and customer payment information to sensitive personal information like health insurance, travel itineraries, and personal banking information. When those email credentials match the credentials to access corporate systems, the risk is exponentially higher.

"While much time is spent researching and analyzing data breaches and security events, less time is focused on understanding a critical element – the people impacted, their concerns, and their motivation," said Claire Umeda, head of marketing at 4iQ. "This survey provides a glimpse into public concerns relating to personal data privacy, and even the potential for corporate security risks from an uneducated or unmotivated employee audience."

"Our survey shows that consumers are concerned about protecting certain aspects of their digital identities, such as their social security number, banking and credit card information, but they are not taking all the steps they can to adequately protect this data. Perhaps it's because they don't understand how to protect themselves or they are uninformed about the services that are out there to help them," said Monica Pal, CEO of 4iQ. "One thing we know for sure is that we need to be better about communicating with people on an individual level on what risky online behavior is, the steps they can take to protect their accounts and identity, and what solutions are out there that can alert them to compromised or vulnerable information."

In the 4iQ 2018 Breached Identity Report, we reported that 2017 "may go down in history as the year of accidental exposures."  As technology continues to evolve in ability and sophistication, the methods used to compromise that technology evolve with it. But the first defense against attackers will always be as simple as username and password credentials.

"According to our analysis of digital identities found on the Deep and Dark Web, over 39 percent of people use passwords credentials classified as 'very weak.' For example, our research shows that over nine million passwords consist of the number combination of '12345.' This is frightening because the first line of defense against attackers is login credentials – strong, unique username and password combinations. But the scarier part is that companies and organizations don't necessarily consider this challenge as part of their ongoing cybersecurity efforts," said Julio Casal, Founder and Chief Technology Officer at 4iQ. "The fact is, the chain is only as strong as its weakest link. Yet companies don't often consider the fact that their vendor's employee, whose username and password were compromised in a recent breach, used the same password for their work email. And now that cybercriminal holds the keys to your data. In this case not only do we need to educate individuals about cybersecurity, but companies need to be monitoring the Deep and Dark Web for those lost or stolen keys."

Among the other key findings:

• By nearly a 2:1 ratio, respondents expressed more concern about someone gaining access to their personal email or private text messages than their company email – "someone hacking onto my work email" ranked dead last in the concerns about personal data privacy poll. "The complete lack of concern by survey respondents about their work email potentially being hacked is problematic. This is exacerbated by the finding that the average person admits to using just two or three passwords to protect all of their online accounts," said Monica. "By repeating passwords on multiple accounts, individuals are inviting cyber criminals to access all of their online data – once a password becomes compromised, all of that individual's information, and by extension their employer's information, are at risk."
  
  
• Seventy percent of respondents are willing to consider signing up for a real-time service that sends alerts as soon as their personal information is suspected to have been stolen or breached. Yet 18 percent of people do not subscribe to services that do just that because "they do not understand what they do and why it would benefit me." An additional 34 percent don't think these services are worth the investment.  "These numbers are surprising to us and serve as yet another data point demonstrating the information gap that exists between companies and consumers," said Monica. "While a breached company may let you know that your information may have been compromised, it is leading identity theft protection providers who can alert you to the real threats – for example, the fact that your information was found on the Deep and Dark Web and is available to cybercriminals everywhere. It's this kind of information that allows consumers to take specific actions to protect themselves."
  
  
• Across all aspects of digital identity in our poll, women consistently showed higher level of concerns as compared to men, but were not any more likely to sign up for identity protection services. This finding suggests that although they realize the risks of their online digital identities, they are not aware of the benefits of these services and how they can protect themselves online.
  

More information about the survey, which was conducted with the support from market research and consumer experience specialist HarrisX, can be found at https://4iq.com/passwordsecurity-dataprivacy-survey. 

About 4iQ

4iQ provides identity theft intelligence that helps organizations measure, monitor and manage digital risk. 4iQ protects people and enterprises by scanning the surface, social and deep and dark web for stolen, leaked or lost login credentials and other personally identifiable information (PII). 4iQ then notifies organizations and individuals when these records appear to guard against the theft of identities, information and money before it happens. In addition to ongoing deep and dark web monitoring, the 4iQ platform also helps companies meet password guidelines, verify credentials, and prevent account takeover. 4iQ is headquartered in Los Altos, CA and backed by Forgepoint Capital, Telefonica, BGV and Adara Ventures. For more information, please visit www.4iQ.com.

SOURCE 4iQ

Related Links

http://www.4iQ.com

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED