Sharing Isn't Caring: How Streaming Services' Lax Password-Sharing Culture Creates Opportunity for Cybersecurity Threats
Since more people are staying inside instead of heading to theaters, streaming services such as Disney+, Netflix, HBO Go, Hulu, and Apple TV are a ripe environment for password-sharing and target employees of all ages.
An employee who shared their login so a friend can watch The Mandalorian or Stranger Things may also be sharing their same login credentials to your business accounts and network.
A study conducted by the research firm Magid, found 35% of millennials (ages 23-38) share passwords for streaming services. In comparison with 19% of Generation X and 13% of Baby Boomers.
Additionally, a Shred-It survey found that 36% of the even younger generation, Gen Z (ages 7-22), were the most likely to share passwords or PINs with family and friends.
The danger of password sharing for seemingly innocuous purposes like streaming involves credential stuffing, where hackers are obtaining passwords and usernames to see if those details will gain access to accounts on different websites. This could include your business website, company email server, or even access to an endpoint such as a company computer.
Netflix has encouraged password sharing in the past but has recently hinted at cracking down on the practice in its Q3 2019 earnings call. But just because the streaming companies are looking at curbing the habit, it doesn’t mean the public will.
So what can you do to avoid this threat in your organization? We’ve got four tips to reduce the risk of breaches due to password sharing by employees:
Educate Early and Often
Chubb’s Third Annual Cyber Report revealed that only 19% of survey respondents reported learning about cybersecurity protection through their employer.
Making sure employees understand just how great the threat of password sharing is, by implementing a cybersecurity onboarding policy or having recurring educational seminars will help your business in the long run.
Encourage Employee Password Hygiene
Create policies that encourage employees to practice password hygiene.
This could mean using separate passphrases for home and work, changing passwords periodically, or requiring symbols and numbers in passwords.
Make it Manageable
Implementing password managers in your business can greatly increase the safety of your network.
Many companies have adopted password managers that have features like two-factor authentication, employee access groups, and inter-organizational password sharing capabilities.
Hire a reliable cybersecurity firm to protect your organization before a breach happens.
Whether you have a non-existed, understaffed, or over-worked IT Team, hiring a managed detection and response (MDR) team will combat employee cybersecurity mishaps.
Having onsite, 24/7/365 protection will ensure you aren’t just protected against possible password-sharing breaches, but an ever-growing list of potential cybersecurity threats.