We get it. Employee password behavior is not good. But what does that actually mean for businesses? As a security or IT team that wants to make this risk more tangible, what do you look at and how do you measure it? In a recent report, Forrester evaluated the password risks that exist in a corporate environment and their associated costs.
Employee Support & Helpdesk Costs
Ask any level 1 support team or IT team lead about the most frequent requests from employees, and password resets will always be at the top of the list. Forrester found that large organizations spend up to $1 million each year in staffing and infrastructure expenses to handle these password resets. One million! This doesn’t include the time and productivity lost, which also adds to this cost.
Sometimes our biggest risks exist within the company itself. It might be in a shared spreadsheet of passwords that gets into the wrong hands, or a password on a sticky note sitting on a computer screen. You may think your own team isn’t going to be the source of the problem, but Forrester’s research found that one in four (24%) of breaches in the last year were caused by insider attacks.
Read the new Forrester report
Check out the report, titled “Best Practices: Selecting, Deploying, And Managing Enterprise Password Managers,” for Forrester’s complete evaluation of the risks associated with poor password behavior, and how to quantify those risks into real costs.
The Forrester analysts go on to provide guidance for businesses on how to quantify the risks that passwords present. With an accurate picture of the problem, IT teams can justify the investment in an enterprise password manager (EPM) as part of their security stack. Download and read the new report where Forrester analysts cover this topic and more, including:
- How businesses can mitigate poor password behavior
- How EPM complements other authentication technology, such as SSO and PAM
- What to look for in an EPM solution, including Forrester’s guidance for selecting a vendor