Businesses lose millions of dollars each year due to leaked enterprise infrastructure secrets including code, credentials, and keys, a new survey from 1Password found.
The report, which polled 500 IT and DevOps workers in the US in April, examines how organizations manage these types of sensitive information and corporate "secrets". Researchers found 65% of IT and DevOps employees estimate their company has more than 500 secrets and workers spend an average of 25 minutes each day managing this private information, at an estimated payroll expense of $8.5 billion annually across US companies. That amount has risen: 51% of respondents say their time spent managing secrets has increased in the last year.
Responses reveal while IT and DevOps employees are concerned about the consequences of their companies not doing enough to secure private information, they are simultaneously careless about sharing this sensitive data.
Nearly two thirds (64%) of IT and DevOps workers admit to reusing enterprise secrets between projects and 36% say they'll share secrets over insecure channels to increase productivity and speed. Nearly all (97%) of IT and DevOps workers report their organization has a policy in place for enterprise secrets generation, but just over a third (36%) say their company is strict with its policy enforcement.
The full report can be viewed here.