If security is hampering your business, you need to look at your security policy: If you’ve got four or five thousand devices out there, with employees able to access work information on each device, you get a number of things happening. A: They lose them. B: They lose them in really embarrassing places, like public transport, buses trains, restaurants and bars and pubs – even throwing them in a bin. All of those places you’ve heard in the horror stories we see in the media.
But it’s not only that they lose them – it’s that when they leave the company they hardly ever return them. They keep them. And if that’s got data on it that could be useful to the new company, but very destructive to the old company, then in the end you need a way of preventing that.
I’m a believer that passwords will eventually be phased out. I think we’ll find another way of securing our data, because in the end it’s not the technology that’s the weak link – it’s the person. If you ask someone to remember all these passwords for all your different business and social accounts, people fall into two camps:
They go for the easy password, one size fits all. They use the same password for everything.
Or they use two passwords: one for business, one for personal.
The other thing that happens when a business ask their employees to have different passwords for all their accounts is that first of all, they forget them. Either that, or they write them down – so that’s an instant possible breach.
Any of these government departments and commercial entities you speak to and ask “how many laptops have you lost over the last year?” – it was actually 60 lost from one government department up in Scotland, and other places I’ve been to, four have been lost – they don’t know where they are!