There is a superstition that bad things happen in “threes.”
This month, we mourned the loss of three national icons — Astronaut, John Glenn, Actor, Alan Thicke and TNT Sideline Reporter, Craig Sager. Similarly, this week, I received an email from Yahoo! announcing they had been breached again — affecting over 1B users — including me. On Friday, I received another notification from Bleacher Report, informing me that their users had been compromised. Do you see where this is going?… STOP!
Is this Superstition True?
The short answer is No. Are superstitions true? Most rational people would agree that they are not, so how do you break this cycle of irrational belief? Here are three best practices your organization can do to proactively break this cycle, and ensure you are not the next company to be breached:
- Incorporate an identity service that delivers security and productivity to end users by securing access to cloud, mobile and on-premises applications via single sign-on.
- Integrate adaptive multi-factor authentication (MFA) and provide context-based authentication to your employees, partners and contractors.
- Implement Privilege Identity Management (PIM) to securely manage and audit access to your infrastructure with shared account password management for internal users, outsourced IT and third party vendors.
George Satayana is credited with the famous quote, “Those who cannot remember the past are condemned to repeat it,” and it’s applicable here. We have overwhelming evidence from annual Verizon reports, and after action reviews of some of the largest breaches, such as OPM and Sony that compromised credentials were the entry point for hackers. By using these three measures, you will reduce your company’s attack surface, and significantly reduce the opportunity for attack against the leading attack vector – compromised credentials.
Learn more about how to protect your enterprise with MFA with our eBook: “Level Up Your Security.”