Virtualization Technology News and Information
White Papers
RSS
White Papers Search Results
Showing 1 - 4 of 4 white papers, page 1 of 1.
2022 US Password Practices Report
To raise awareness about the scale of the problem of weak passwords, Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software, is sharing findings about Americans’ password habits and practices. By raising awareness of the personal finances and data put at risk every day by weak, duplicate, and shared passwords, we hope to reduce the risk of cybercrime and promote better password practices among Americans.

Online passwords are used for many critical aspects of our lives. They are needed when we communicate, work, transact and travel. We use them to access our most sensitive data, from banking to health records. Digital passwords are the keys to our lives. Yet we are surprisingly negligent about password protection, from our choice of passwords to the means we use to remember them, and troublingly, our willingness to share sensitive passwords with others.
Keeper Security’s survey of 4,000+ respondents in the US and UK unearthed negligent attitudes toward password protection, in which passwords are being shared with spouses, written down on bits of paper, changed too often, and forgotten over 50 times per year! The result: nearly half of our 2,000 US survey respondents had been hacked at least once, with an average of $378 stolen per cyberattack. The consequences of poor password protection can be disastrous in an era of growing online crime and identity theft. A hacked password can result in ransacked bank accounts, obliterated credit ratings, damaged personal lives and severed business relationships.

Our findings show a troubling disconnect between the value people attach to their passwords and the means they use to protect them. In the US, people would rather see a dentist than lose their passwords, yet safe selection, storage, and management of passwords were found to be severely lacking in this study.

It is of great concern to see passwords being shared and duplicated across multiple platforms. It’s equally concerning to see the use of overly simple passwords, relying on publicly-available data, such as names and birthdays. This will remain an acute challenge as we continue to use a range of devices and platforms to access the internet. The impact of poor password protection was evidenced by the number of people in the survey reporting they’ve personally fallen victim to a cyberattack, resulting in financial loss and compromised social media profiles.

US Cybersecurity Census Report
Cybersecurity is now recognized as a key priority for U.S. businesses. However, cybersecurity threats are evolving as risks, and the responses necessary to mitigate them, change rapidly. Staying a step ahead of bad actors is a continuous challenge and businesses—despite their intentions to do so—aren’t always keeping pace.

Cybersecurity is now recognized as a key priority for U.S. businesses. However, cybersecurity threats are evolving as risks, and the responses necessary to mitigate them, change rapidly. Staying a step ahead of bad actors is a continuous challenge and businesses—despite their intentions to do so—aren’t always keeping pace.

To solve this problem, IT leaders must understand why. They need answers to questions such as, how is cybersecurity transforming? How are cyberattacks harming businesses? Where must investments in preventative training and tools be focused? Is cybersecurity being prioritized by leadership? And how does cybersecurity fit within organizational culture?

In partnership with Sapio Research, Keeper Security analyzed the behaviors and attitudes of 516 IT decision-makers in the U.S. to answer these questions and more. This report, Keeper’s second annual U.S. Cybersecurity Census, maps the transforming landscape of cybersecurity based on these expert insights. It provides leaders with a forensic assessment of the threats their businesses face and details the urgent strategies necessary to overcome them.

Businesses across the U.S. are making cybersecurity a priority. However, despite efforts and investments, clear gaps remain. Our research shows that there have been small steps, but no giant leaps.

The volume and pace at which threats are hitting businesses are increasing, and leadership can’t afford to wait. If they do, the financial, reputational, and organizational penalties will be severe. Likewise, as work has transformed dramatically over the past two years—with hybrid and remote working normalized— companies need to rethink how they are building cybersecurity resilience.

Password Management Report: Unifying Perception with Reality
We surveyed over 8,000 people globally about what they say they do to ensure their cybersecurity and what they actually do. The study found people are grossly overconfident with a clear disconnect between actions and perception.

There is no getting away from the fact that passwords are still the cornerstone of modern cybersecurity practices. Despite decades of advice to users to always pick strong and unique passwords for each of their online accounts, Keeper Security found that only one-quarter of survey respondents actually do this. Many use repeat variations of the same password (34%) or still admit to using simple passwords to secure their online accounts (30%). Perhaps more worryingly, almost half (44%) of those who claimed all their passwords were well-managed also said they used repeated variations of them. One in five also admitted to knowing they’ve had at least one password involved in a data breach or available on the dark web.

At first glance, these results may come as a shock, especially to those in the cybersecurity industry who have been touting these simple best practices for years. However, when considering more than one in three people (35%) globally admit to feeling overwhelmed when it comes to taking action to improve their cybersecurity, and one in ten admit to neglecting password management altogether, the results are much less of a surprise.

Cybersecurity is a priority and cybersecurity solutions must also be. The threat landscape continues to expand as our lives shift from in-person banks, stores, and coffee shops to online banking, internet shopping, social networking, and everything in between. We have never been more dependent on our phones, computers, and connected devices, yet we are overconfident in our ability to protect them and willfully ignoring the actions we must take to do so. Perhaps we need more people to admit they’re as careless as a bull in a china shop, burying their heads in the sand like an ostrich or simply paralyzed with fear. Facing reality and coming to recognize what’s at stake, they can more confidently charge forward and take the necessary steps to protect their information, identities and online accounts.

Zero Trust and Enterprise Data Backup
Cyberattacks and ransomware target backup data in 93% of incidents, while existing Zero Trust frameworks often overlook backup and recovery security. Zero Trust Data Resilience (ZTDR), developed by Numberline Security and Veeam, extends Zero Trust principles to data backup. The ZTDR framework includes segmentation, multiple data resilience zones, and immutable backup storage. This white paper offers practical steps for implementing ZTDR, which improves data protection, reduces security risk

Cyberattacks and ransomware target backup data in 93% of incidents. Despite being primary targets for ransomware and data exfiltration, existing Zero Trust frameworks often overlook the security of data backup and recovery systems.
 
Zero Trust Data Resilience (ZTDR) is an innovative model that extends Zero Trust principles to data backup and recovery. Developed through a collaboration between Numberline Security and Veeam, ZTDR builds on the Cybersecurity and Infrastructure Security Agency's (CISA) Zero Trust Maturity Model (ZTMM).  
 
This framework provides a practical guide for IT and security teams to improve data protection, reduce security risk, and enhance an organization's cyber resilience.
 
The primary principles of ZTDR include:

  • Segmentation — Separation of Backup Software and Backup Storage to enforce least-privilege access, as well as to minimize the attack surface and blast radius.
  • Multiple data resilience zones or security domains to comply with the 3-2-1 Backup Rule and to ensure multi-layered security.
  • Immutable Backup Storage to protect backup data from modifications and deletions. Zero Access to Root and OS, protecting against external attackers and compromised administrators, is a must-have as part of true immutability. 

The white paper "Zero Trust and Enterprise Data Backup" details these principles and offers practical steps for implementation. 
 
What You'll Learn:

  • Security Enhancement: Core Zero Trust principles applied to data backup.
  • Implementation: Best practices for infrastructure segmentation and resilience zones.
  • Applications: Case studies on mitigating ransomware and cyber threats. 

Download the white paper and start your journey towards Zero Trust Data Resilience.