ESG Blog Series 5: Our Commitment to Good Governance05/12/2022
Automating repeatable business processes keeps your talent happy15/12/2022
Organisations must start prioritising their credential theft protection. With most data breaches now linked to stolen credentials, this common and hard to detect threat, is further exasperated by a growing hybrid workforce and is costing companies millions. Data breaches caused by credential theft cost businesses an average $4.5 million, according to a 2022 IBM report, and are some of the most difficult to identify and contain.
Credential theft and harvesting attacks can involve the pilfering of individual login information up to entire databases of authentication data. Cybercriminals can use a manner of techniques such as email phishing, tapping into the natural human instinct to trust. And trust is the key ingredient that makes employees so vulnerable to credential theft.
Credential thieves take advantage of both human and system vulnerabilities, so fending them off requires a layered approach that addresses weaknesses on both fronts.
A multi-faceted threat requires multi-faceted protection
Ultima and Mimecast can help companies minimise the risk of credential theft in multiple ways including securing email, educating employees about the threat and their role in mitigating it, and deploying machine learning and advanced computer vision algorithms to identify and block malicious URLs used to gather credentials.
With cybercriminals attacking from every angle, here are seven ways in which you can reduce the risk of credential theft occurring to your organisation:
- Implementing AI-enabled credential theft protection: Mimecast’s email and security resilience can help stop credential theft at its source. Its sophisticated scanning uses machine learning and advanced computer vision algorithms to detect anomalies that appear in phishing emails and web pages. The analysis is more precise than that of the human eye, capable of detecting even a single pixel’s difference from a safe website. Depending on the level of risk calculated, the system either warns users of the potential issue or blocks access to the page.
- Investing in awareness initiatives and user behaviour training: Leading programmes will enable organisations to test employees’ readiness using de-weaponised versions of real-world attacks. Awareness and training around good password hygiene are also key in keeping employees from reusing passwords or leaving credentials unprotected.
- Enforcing identity and access management: Keeping all privileged accounts protected is critical to prevent this kind of credential harvesting. Rather than allowing the hardcoding of admin passwords, companies can employ password vaults to help users create different passwords for each use, for example, and store and use passwords safely. Granting the least privileges necessary to access network and data assets is another cornerstone of security. Tools can also identify signals such as physical location, the device used, or the application being accessed, and then apply pre-set, conditional access policies based on those parameters.
- Considering multi-factor authentication (MFA): While multi-factor authentication does not directly prevent the collection of network or application credentials, it can thwart their use. Rather than just requiring a username or password, MFA compels a user to provide one or more additional verification factors to access an application, online account, or VPN.
- Introducing and enforcing a bring your own device (BYOD) policy: The use of personal devices at work creates an additional risk of credential theft, particularly if employees have their credentials saved on their phones or laptops. Every organisation should have a policy outlining security controls and what users can and can’t access from personal devices.
- Analysing user behaviours: Monitoring employee activity can help ensure they handle their credentials and access properly. There are tools available to analyse behavioural patterns and identify abnormal or unexpected actions that may indicate malicious or inadvertent exposure of credentials.
- Monitoring for insider threats: Employees, contractors, and partners are all prime targets for threat actors seeking access to entire databases of credentials. Most attacks (credential harvesting or otherwise) only begin from the outside, once attackers are in, they often seek to expand their access using a compromised email account or remote access malware. An inside threat programme like Mimecast’s can automate protection against malicious, compromised, or even careless insiders.
To discover how Ultima and Mimecast can help protect your organisation and combat the threat of credential theft, contact us here.
Why Ultima and Mimecast?
Ultima is a Mimecast Premier Partner, having worked together for several years delivering cloud-based email security, archiving, and continuity solutions for Exchange & Office 365. Ultima also holds Gold Partner status with Microsoft, making us the ideal partner to advise your organisation.
[GB1]Can you add a page here?