• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Student360
  • About
    • Secure360
    • UMSA
  • Secure360 2022
  • For Sponsors
  • For Speakers
  • Get Involved
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Data breaches and compromised credentials

June 30, 2016 by Secure360 and UMSA

sticky notes with passwords on them

Copyright: 123rf/iqoncept

According to a Cloud Security Alliance (CSA) report, data breaches, account hijacking and malicious insiders all rated as top threats for IT professionals. In addition, the report found that these attacks often occur because of a lack of scalable identity access management systems, failure to use multifactor authentication, insufficient password use and a lack of ongoing automated rotation of encrypted keys, passwords and certificates—in other words, insufficient identity, credential and access management ranked is a top vulnerability.

Preventing compromised credentials

An outside attacker with legitimate credentials becomes an insider with all of the privileges assigned to the stolen login. These types of compromised credential attacks are an enormous risk to businesses and government. Once an attacker has stolen database credentials, many organizations lack security tools to identify when the attacker has begun using these credentials to access the organization’s information systems.

Here are 3 tips for preventing compromised credentials within your organization. Share these with those who may not be as security savvy to protect data and mitigate threats in the long run:

1. Implement privileged session management


A privileged session manager acts as a credential delegate to connect users to systems without exposing the privileged credentials to individual users or their endpoints. The privileged manager monitors and records the session activity to ensure policies are followed and to maintain forensic data. This goes hand-in-hand with monitoring user behavior analytics, which enables organizations to detect when legitimate user accounts have been compromised by external attackers or are being abused by insiders for malicious purposes.

2. Consider minimal employee privilege access

It is going to be more secure for your business to assign users a minimal set of permissions and grant additional access as needed. As employees are promoted and change responsibilities, they will accumulate a variety of user privileges. Often these privileges are no longer required for their present position, becoming a high security risk. Losing just one set of credentials could potentially expose a variety of systems. Businesses should track which users have access to what databases and retrieve credentials when the user’s job function changes and no longer requires access to those systems.

3. Passwords, passwords, passwords

Username: JohnSmith

Password: password

We know you’re cringing, but you would be shocked at how many users are selecting basic passwords such as these. Lacking proper education and policy enforcement, users will commonly select weak passwords as a matter of convenience. Passwords consisting of few characters and no numbers or special characters are highly vulnerable to credential theft via easily-available hacking tools. Your business not only needs to enforce strong passwords, but also make credential management easy for employees. A single sign-on solution with multifactor authentication is recommended as a further step for improving users’ passwords.

Hackers are gaining access to the credentials of what should be secure organizations. Bill Mann, chief product officer for Centrify, which sponsored the report mentioned above says that they hope these findings will encourage organizations to leverage single sign-on, multi-factor authentication, mobile and Mac management, along with privileged access security and session monitoring, in order to minimize attack surfaces, thwart in-progress attacks and achieve continuous compliance.

Filed Under: Business Continuity Management

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. smallarmy
    smallarmy: @TylerCohenWood @Secure360 Good
    about 1 day ago

  2. Secure360 Conference
    Secure360 Conference: Woo hoo!! Thanks to everyone who donated and for those who would still like to, you can do so at… https://t.co/jW3EsvOAFp
    about 1 day ago

  3. Bryghtpath LLC
    Bryghtpath LLC: Bryghtpath CEO @bryanstrawser presented last week at the @Secure360 Conference on "Navigating the Ransomware Challe… https://t.co/iXa3JeRKNN
    about 3 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2022 Secure360. All rights reserved.