This time it’s a case of shared passwords…another case for stronger authentication.  SC Magazine reported late last week on a loss of data containing all kinds of information including people’s social security numbers (Lincoln National in Radnor, PA).  This type of information requires stronger protection than a simple password, yet companies just keep going with their outdated security models.  Use this article to show your clients why they need to invest in strong authentication methods using tokens, one time passwords, dual authentication,…etc.  Especially when dealing with financial institutions or health care, you can’t depend on employees to manage their own passwords, and in this case the passwords were shared – a clear violation of any federal security regulation or best practice in security.  Did the executives of this firm know this was going on?  Probably not – this is why it is essential to involve asset owners in the security discussion.  Custodians are not liable and have not been successful in getting their management to understand the issues that create security budgets for this type of thing.  Read more on the SC Blog.