• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Data breaches and compromised credentials

June 30, 2016 by Secure360 and UMSA

sticky notes with passwords on them

Copyright: 123rf/iqoncept

According to a Cloud Security Alliance (CSA) report, data breaches, account hijacking and malicious insiders all rated as top threats for IT professionals. In addition, the report found that these attacks often occur because of a lack of scalable identity access management systems, failure to use multifactor authentication, insufficient password use and a lack of ongoing automated rotation of encrypted keys, passwords and certificates—in other words, insufficient identity, credential and access management ranked is a top vulnerability.

Preventing compromised credentials

An outside attacker with legitimate credentials becomes an insider with all of the privileges assigned to the stolen login. These types of compromised credential attacks are an enormous risk to businesses and government. Once an attacker has stolen database credentials, many organizations lack security tools to identify when the attacker has begun using these credentials to access the organization’s information systems.

Here are 3 tips for preventing compromised credentials within your organization. Share these with those who may not be as security savvy to protect data and mitigate threats in the long run:

1. Implement privileged session management


A privileged session manager acts as a credential delegate to connect users to systems without exposing the privileged credentials to individual users or their endpoints. The privileged manager monitors and records the session activity to ensure policies are followed and to maintain forensic data. This goes hand-in-hand with monitoring user behavior analytics, which enables organizations to detect when legitimate user accounts have been compromised by external attackers or are being abused by insiders for malicious purposes.

2. Consider minimal employee privilege access

It is going to be more secure for your business to assign users a minimal set of permissions and grant additional access as needed. As employees are promoted and change responsibilities, they will accumulate a variety of user privileges. Often these privileges are no longer required for their present position, becoming a high security risk. Losing just one set of credentials could potentially expose a variety of systems. Businesses should track which users have access to what databases and retrieve credentials when the user’s job function changes and no longer requires access to those systems.

3. Passwords, passwords, passwords

Username: JohnSmith

Password: password

We know you’re cringing, but you would be shocked at how many users are selecting basic passwords such as these. Lacking proper education and policy enforcement, users will commonly select weak passwords as a matter of convenience. Passwords consisting of few characters and no numbers or special characters are highly vulnerable to credential theft via easily-available hacking tools. Your business not only needs to enforce strong passwords, but also make credential management easy for employees. A single sign-on solution with multifactor authentication is recommended as a further step for improving users’ passwords.

Hackers are gaining access to the credentials of what should be secure organizations. Bill Mann, chief product officer for Centrify, which sponsored the report mentioned above says that they hope these findings will encourage organizations to leverage single sign-on, multi-factor authentication, mobile and Mac management, along with privileged access security and session monitoring, in order to minimize attack surfaces, thwart in-progress attacks and achieve continuous compliance.

Filed Under: Business Continuity Management

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: Spots are filling fast & you don't want to miss these benefits! Register as a #Secure360 sponsor to show off the la… https://t.co/aqNcbZ25Ek
    about 1 day ago

  2. Secure360 Conference
    Secure360 Conference: Really interesting read from our Diamond #sponsor, @Cisco! Learn how to build #resiliency through a year of change https://t.co/GTWe6a0W3A
    about 2 days ago

  3. Secure360 Conference
    Secure360 Conference: We are partnering with @cioreview for #Sec360 coming up on May 11-12, 2021. #CIOReview is a technology magazine tha… https://t.co/RD0vKU5Vrn
    about 2 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.