Change language:
Get a quote

Access Control: Common User Errors in Everyday Office Life

Jul, 10 2025
Access Control: Common User Errors in Everyday Office Life

Cyberattacks are the greatest risk for companies worldwide in 2025. Business interruptions, revenue losses, production downtimes, and significant financial damage are often the consequences of security incidents. In 2024 alone, 8 out of 10 companies became victims of data theft, espionage, or sabotage, causing damages exceeding 260 billion euros in German companies alone — with a high number of unreported cases (Bitkom, 2024).

 

Frequently, it is user errors in everyday office life that open the door for cybercriminals  even when state-of-the-art security measures have already been implemented on the infrastructure level.

 

Below are some of the most commonly observed user errors in practice, along with technical or organizational adjustments that can help prevent them.

 

Employees often use weak or identical passwords for multiple services. Complex passwords that are difficult to remember are frequently written down on small notes left on or near the workstation, making it easier for unauthorized individuals to gain access.

 

This error can be avoided by introducing password management tools that enforce complex and unique passwords through password policies. Adding multi-factor authentication further increases security.

 

Let’s move on to the next avoidable mistake: Even if two-factor authentication — ideally with a hardware security key — has already been implemented, it is often observed that these hardware security keys are left unattended and unsecured at the workstation when employees leave.

 

Therefore, it is strongly recommended that employees receive mandatory training on how to handle this technology. Hardware security keys should either be securely stored (e.g., in a lockable drawer) or carried by the employee when leaving the workplace. Multi-factor authentication using hardware security keys only provides added value and an extra layer of security to the IT infrastructure if the user knows how to properly protect their PC from unauthorized access.

 

At this point, many users ask why multi-factor authentication using a physical hardware security key adds an extra layer of security.

 

These hardware security keys enable physical multi-factor authentication. Cybercriminals often use phishing attacks to steal login credentials (username/password) from users. With physical MFA methods, hackers have virtually no chance of stealing user credentials, as authentication always requires the physical second factor (hardware security key). This is why it is so important that employees take the hardware security key with them when leaving their workstation.

Security starts with awareness: Even the best technology is only as strong as the people who use it.

Conclusion: Multi-factor authentication as a cybersecurity measure for strong access control is now considered state of the art in defending against phishing attacks. Hardware security keys use cryptographic keys to ensure secure authentication and block unauthorized access to systems and data by requiring the user to verify their identity through PIN entry and physical confirmation.

Tags

Access ControlMFAPasswordmanager

Recent articles

ai-powered-automation-of-cybercrime

Apr, 2 2024

AI-Powered Automation of Cybercrime

In Germany, businesses are experiencing an unprecedented wave of cyberattacks, with damages reaching €206 billion in 2022. Artificial Intelligence (AI) plays a dual role, being utilized for both defense and as a tool in cybercrime. AI aids in detecting anomalies and preventing attacks, but it is also used by cybercriminals to automate attacks....

starsstars
line
line