How to prevent impersonation of your users
Every day, many companies suffer security breaches that lead to the theft, hijacking and destruction of confidential information. Most of these breaches share a common origin: compromised user passwords.
In many cases (more than 52%), these breaches are the result of human error: users reusing the same passwords they registered with on other websites, opening emails that ask them to log in through a fraudulent form, choosing simple passwords, and so on.
Indeed, password theft is very common, and it highlights the importance of protecting a user's identity beyond the password, since the password will eventually be compromised. Undoubtedly, an account protected only by a password is an easy target for attackers.
Not all victims remain anonymous
Recently, the media reported on the phishing attack suffered by Valencia's municipal urban transport company (EMT). In this case, the "hackers" sent emails on behalf of a company manager to the head of administration, ordering the payment of several financial operations worth 4 million euros, and unfortunately the employee trusted them and made the payments. These types of scams are increasingly common among companies that are not adequately protected, but they rarely come to light for obvious reasons (embarrassment). In this case the company is public, which is why it appeared in the media; in fact, at Softeng we are seeing clients who have not yet chosen to protect themselves suffer similar cases.
How can you prevent something similar from happening in your company?
You can help prevent some identity attacks by training your employees to recognize phishing, but what really helps is making a stolen password practically irrelevant by adding an additional authentication step.
Two-step authentication (known as MFA, multi-factor authentication) adds an extra layer of security to your company: it is an access control method that confirms a user's identity, proving they are who they say they are. It works by requiring two or more of the following authentication methods:
- An item you know (usually a password or pin).
- An item you have (a trusted device, such as a mobile phone or a digital key).
- A biometric feature that identifies you (a fingerprint or your face).
- A protected app on your device that lets the user approve the access.
By using several factors to verify a user's identity, the vast majority of password theft attacks are neutralized, since the attacker's work multiplies exponentially: they would need to "hack" more than one system at the same time to gain access.
Two-step authentication is very simple to use and includes the option of configuring trusted locations (branch offices, offices, ...) for greater security and user comfort.
The usual tips on changing passwords often or making them complicated are really of no use in the face of the millions of attacks suffered every day (more than 300 million fraudulent login attempts aimed at Microsoft's cloud services). The idea is: if nobody has stolen your password, why change it? And if an attacker already has your password and you don't know it, why wait 2 months to change it?
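The two factors described above ("an item you know" plus "an item you have") can be seen end to end in the following added example, which is not code from the original article and does not model any particular vendor's MFA service. It checks a salted password hash and then a time-based one-time code generated by an authenticator app (TOTP, RFC 6238, built on HOTP, RFC 4226). The account name, password and base32 seed are constructed; the seed is the RFC 6238 test seed so the codes can be checked against the published vectors. The point the article makes is visible in the `login` result: a stolen password alone is refused, and a captured code is refused on reuse.

```python
"""Password-plus-TOTP login check (RFC 4226 / RFC 6238).

Added illustration with constructed accounts and secrets; it is not code from
the original article and does not model any particular vendor's MFA service.
"""
from __future__ import annotations

import base64
import hashlib
import hmac
import os
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the big-endian 8-byte counter, then
    dynamic truncation to a 31-bit integer, reduced to `digits` decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % (10 ** digits)).zfill(digits)


def totp(secret: bytes, timestamp: float, step: int = 30, digits: int = 6) -> str:
    """TOTP (RFC 6238): HOTP with the counter taken from Unix time // step."""
    return hotp(secret, int(timestamp) // step, digits)


class Authenticator:
    """Minimal server side: per account, a salted password hash (factor 1)
    and a TOTP seed shared with the user's authenticator app (factor 2)."""

    def __init__(self, step: int = 30, digits: int = 6, window: int = 1):
        self.step, self.digits, self.window = step, digits, window
        self.users: dict[str, dict] = {}

    def register(self, username: str, password: str, totp_secret_b32: str) -> None:
        salt = os.urandom(16)
        self.users[username] = {
            "salt": salt,
            "pw_hash": hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000),
            "totp_secret": base64.b32decode(totp_secret_b32, casefold=True),
            "last_counter": -1,  # highest TOTP counter already accepted (replay guard)
        }

    def login(self, username: str, password: str, code: str,
              now: float | None = None) -> tuple[bool, str]:
        """Return (accepted, reason). The reason is for server-side logs only;
        the client should only ever see the boolean, so an attacker holding a
        stolen password cannot learn which factor failed."""
        now = time.time() if now is None else now
        user = self.users.get(username)
        if user is None:
            return False, "unknown-user"
        # Factor 1: the password, compared in constant time against the stored hash.
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], 200_000)
        if not hmac.compare_digest(candidate, user["pw_hash"]):
            return False, "bad-password"
        # Factor 2: the code must match one of the time steps inside the skew window...
        if not (code.isascii() and code.isdigit() and len(code) == self.digits):
            return False, "bad-code"
        counter = int(now) // self.step
        matched = None
        for c in range(counter - self.window, counter + self.window + 1):
            if hmac.compare_digest(hotp(user["totp_secret"], c, self.digits), code):
                matched = c
        if matched is None:
            return False, "bad-code"
        # ...and must not have been accepted before: a captured code is good only once.
        if matched <= user["last_counter"]:
            return False, "replayed-code"
        user["last_counter"] = matched
        return True, "ok"


if __name__ == "__main__":
    # Constructed demo account using the RFC 6238 test seed "12345678901234567890".
    auth = Authenticator()
    auth.register("alice", "correct horse", "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
    seed = b"12345678901234567890"
    print(auth.login("alice", "correct horse", "000000", now=59))            # password only
    print(auth.login("alice", "correct horse", totp(seed, 59), now=59))      # both factors
    print(auth.login("alice", "correct horse", totp(seed, 59), now=61))      # code reused
```

The window of one step either side tolerates small clock drift between the phone and the server; the replay guard is what makes a phished or shoulder-surfed code worthless a moment later.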
According to studies, multi-factor authentication solutions block 99.9% of these unauthorized login attempts.
Don't you think the time has come to incorporate it into your company?
How can you have two-step authentication?
This feature is included in the Azure Active Directory Premium subscription and in the packages that contain it, a solution that, in addition to helping ensure that only people who really are who they say they are can access applications and data, lets you apply smarter restrictions through three key features:
- Conditional access: limits access to applications from outside the company (based on group membership, geographic location and device status).
- Identity protection: risk-based conditional access. Anomalous behaviors are analyzed (for example, sign-ins from very distant locations within an impossibly short time, or access attempts from a computer not managed by the organization, among others).
- Privileged identity management: administration and protection of administrator accounts, allowing the administrator role to be assigned to a user temporarily, alerting on the change and monitoring their access to resources.
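The two signals named under "Identity protection", impossible travel and an unmanaged device, are simple enough to evaluate over a sign-in log, and the following added example does so on constructed events. It is not Azure AD code and does not reproduce Microsoft's detection logic; the 900 km/h plausibility limit and the 50 km jitter allowance are assumptions, and the user names, coordinates and timestamps are made up.

```python
"""Risk-based sign-in review: impossible travel and unmanaged devices.

Added illustration with constructed sign-in events; it is not Azure AD code
and does not reproduce Microsoft's detection logic.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0
MAX_PLAUSIBLE_SPEED_KMH = 900.0  # assumption: roughly airline cruise speed
MIN_DISTANCE_KM = 50.0           # assumption: ignore geolocation jitter below this


@dataclass
class SignIn:
    user: str
    when: datetime
    lat: float
    lon: float
    managed_device: bool


def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance between two points given in decimal degrees."""
    p1, p2 = radians(lat1), radians(lat2)
    dlat, dlon = p2 - p1, radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(p1) * cos(p2) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(a))


def assess_signins(events: list[SignIn]) -> list[dict]:
    """Walk the events in time order and return one alert per risky sign-in."""
    alerts: list[dict] = []
    last_seen: dict[str, SignIn] = {}
    for ev in sorted(events, key=lambda e: e.when):
        if not ev.managed_device:
            alerts.append({"user": ev.user, "when": ev.when, "reason": "unmanaged-device"})
        prev = last_seen.get(ev.user)
        if prev is not None:
            dist = haversine_km(prev.lat, prev.lon, ev.lat, ev.lon)
            hours = (ev.when - prev.when).total_seconds() / 3600.0
            # Two sign-ins far apart with no time for the journey (or no time at all).
            if dist > MIN_DISTANCE_KM and (hours <= 0 or dist / hours > MAX_PLAUSIBLE_SPEED_KMH):
                alerts.append({
                    "user": ev.user, "when": ev.when, "reason": "impossible-travel",
                    "distance_km": round(dist), "hours": round(hours, 2),
                })
        last_seen[ev.user] = ev
    return alerts


def _t(hh: int, mm: int) -> datetime:
    return datetime(2024, 1, 15, hh, mm, tzinfo=timezone.utc)


# Constructed sample log: alice moves Madrid -> Valencia plausibly, then "appears"
# in Tokyo half an hour later; bob signs in from a device the organization does not manage.
SAMPLE_EVENTS = [
    SignIn("alice", _t(9, 0), 40.4168, -3.7038, True),      # Madrid
    SignIn("alice", _t(10, 0), 39.4699, -0.3763, True),     # Valencia, ~300 km later
    SignIn("alice", _t(10, 30), 35.6762, 139.6503, True),   # Tokyo, ~10,500 km in 30 min
    SignIn("bob", _t(10, 15), 41.3874, 2.1686, False),      # Barcelona, unmanaged laptop
]

if __name__ == "__main__":
    for alert in assess_signins(SAMPLE_EVENTS):
        print(alert)
```

In a real deployment the alert would feed a risk-based policy (step-up MFA, block, or require a managed device) rather than only a log line; the example stops at producing the signal.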
If you wish, see all the details of Azure Active Directory Premium
In short, "hackers" have more and more methods at their disposal to obtain users' credentials and, in most cases, will end up obtaining them.
Do you want to know more about how to protect the identity of your users? Contact us!