WHAT IS THE BLOG ABOUT?
Data security, authentication, MFA, ZeroTrust, brute-force
There are many types of employees in businesses, but there are basically two main types in terms of IT security. One who is connected to the necessary resources and applications on the company’s internal, managed systems. The other, who is out of the office, shop, or plant while working, but also needs access to corporate administration or office applications.
WHY IS IT IMPORTANT?
The 2020 pandemic has reorganized many jobs into home offices, and there is still a great need on the part of workers to have more traditional office positions remotely accessible. Innovative IT solutions such as the development of online sales methods or the creation of cloudy workspaces also support the principle of being able to work from anywhere. Statistics show huge internet growth worldwide, and with the digital transformation, the number of data leaks and malicious attacks is also rising sharply.
THE DEVIL NEVER SLEEPS AND THIS CAN COST A LOT!
Costs following data leakage are rising year on year. According to a 2021 report by IBM and the Ponemon Institute Cost of Data Breach Report, the cost of data leakage has risen from $ 3.86 million to $ 4.24 million. The statistics were based on 537 data leaks in 17 countries, 17 industries and three and a half thousand interviews. The interviews show that e.g. the situation in retail has deteriorated a lot.
- 50% of retailers have experienced data leakage.
- 40% of retailers experienced a dropout that had an impact on revenue.
- 30% of retailers lost such critical business data that affected the business long after the breaches.
Security Magazine reports that the number of credentials stolen and revealed has increased by 300% since 2018. According to the 2021 Verizon Data Breach Investigations Report, passwords accounted for 89% of incidents involving web applications, whether through stolen credentials or brute-force attacks. Given this, it is clear that the protection of credentials is paramount.
WHAT CAN YOU DO ABOUT THREATS?
Be aware and don’t trust anyone until you know who’s on the other side of the connection!
Apply ZeroTrust security!
ZeroTrust assumes a security breach and therefore does not allow access until reliability has been verified multiple times with multi-factor authentication. Don’t base your protection on a one-layer solution, especially when it comes to protecting your credentials and reliable access! Antivirus and firewalls are great solutions, but by adding a separate MFA solution, companies can better protect their sensitive data and devices. This can be the first layer to provide authentication that prevents attacks on credentials.
Phishing and deceptive social engineering campaigns are a leading problem
Attackers can easily access e-mail lists and profiles from the dark web and launch a phishing attack against commercial companies. One click is enough to download malicious programs, such as keyword loggers, that can capture non-MFA-protected credentials and gain access to systems. CSOonline.com reports that 94% of malware arrives via email, and phishing attacks are responsible for more than 80% of security incidents. Almost all of these start with the theft of credentials.
A security incident at a third party can lead to even more incidents
Protecting VPNs, devices, and endpoints with MFA can prevent damage from security breaches and data leakage by third parties (vendors, subcontractors, etc.) by protecting trusted access to critical systems. With adaptive policies, Duo MFA can restrict access to applications and data based on the knowledge required. Other incident-causing entry points include unrepaired updates and zero-day vulnerabilities. Maintain your devices and software regularly to prevent unauthorized access! With Duo Device Health, you can check the security posture of devices connected to your network and restrict access if devices do not meet certain security requirements.
Be aware of the dangers of Brute-Force and Credential Stuffing.
According to a LastPass survey, 91% of respondents admitted to reusing passwords. Hackers are aware of this and collect passwords from credentials or the dark web. Automated tools are then used to test passwords for access through various websites, known as Credential Stuffing, or Brute-Force. Once they get in, an internal, multi-directional attack can begin. The 2021 Verizon Data Breach Investigations Report finds 61% of all breaches exploited credential data via brute force attacks, credential stuffing attacks, or credential data leaked and used later. A powerful MFA solution can provide real protection against attacks that start using stolen data.
CONCLUSION & SOLUTION
Protecting credentials is a vital part of a business organization’s successful security strategy. By implementing a powerful MFA solution like Duo, in which users must present a combination of credentials to verify their identity before they can gain access, attackers will not be able to launch attacks from the user side. This is because the Duo MFA requires authentication in addition to the user name and password, such as a trusted device, software, possibly a hardware token, or biometric data such as the fingerprint. Thanks to these requirements, MFA is 99.9% effective in preventing the first steps in fraud. MFA is one of the cornerstones of ZeroTrust security and will help achieve the level of security that companies will absolutely need in 2022.