About Thawte

News

Strong passwords and cryptographic tools important security solutions

Pins, passwords, two-factor authentication - the multitude of security codes one must manage between the workplace and personal space is staggering. Yet, a study conducted by Trustwave found that one of the biggest security mistakes companies make is by not enforcing strong passwords on its devices.

An analysis of the report by ZDNet it found that more than 300 data breaches occurred during 2011 across 18 countries. In 76 percent of incident response investigations, a third party was cited as being responsible for system support, development and/or maintenance of business environments that introduced the security vulnerabilities. For web-based attacks, SQL injection remained the top attack method for the fourth year in a row at 73 percent.

Weak passwords number one way of intrusion
Perhaps most alarming statistic was that weak passwords continue to be one of the primary sources of exploitation. ZDNet cited Trustwave's survey respondents in that nearly 80 percent of the security incidents from both large and small organizations were due to weak or default credentials.

One of the biggest problems noted, was that applications and devices are often installed with default usernames and passwords, usually with full access rights. Primarily due to lax oversight, the default passwords are never changed. Furthermore, the speed with which a cybercriminal can infect a network through password access is staggering. For those systems using shared administrative username and password combinations, the report found attackers were able to gain credentials and administrative access across an entire small network of up to 20 devices in less than 10 minutes.

Solid IT policies, holistic security strategy necessary for secure networks
Better IT administrative policies governing password character requirements and mandatory periodic password changes are just two of the ways that businesses can better protect enterprise data. Another helpful step for system administrators to initiate includes making a blacklist of prohibited passwords often easily detected by cybercriminals, like "Password1."

Recent news headlines about cybersecurity tend to fall on the developer end with particular emphasis placed on phishing, outdated authentication and many other malware tactics commonly used by cybercriminals. While efforts to continue developing strong encryption technologies are not to be minimized, a holistic approach toward agency-wide security starts by ensuring that no employee leaves the "front door" to a network open. By administering sophisticated cryptographic tools in addition to securing easy access points across a network, cybercriminals' opportunities of malicious attacks become exponentially more difficult.

Keep networks secure with the latest in encryption technology. Visit Thawte today and purchase the latest in SSL certificates.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?