The triumphs, trials and everyday experiences of being at the sharp end of the IT sector.
Security Advisory: Use of company email and passwords on external websites
While investigating a potential security breach at a client’s site today, we discovered that an individual had used the company email and password on several external websites.
These days, with so many password and pin codes to remember, it isn’t perhaps surprising that passwords get reused, but use of company network credentials for external websites should be strongly discouraged. Should this external data be exposed it would not take much conjecture to compromise user accounts on the network. With sites like LinkedIn and Sony recently suffering compromises, this isn’t a theoretical problem.
We would recommend that you consider this matter with some urgency and advise your teams accordingly.