While the cybersecurity landscape is complex and evolving, with many threats to organizational security lurking in the shadows, there are platforms, processes, and strategies that MSPs and resellers can leverage to better protect their customers. is also widespread.
Mike Greene, CEO of Enzoic, recognizes that compromised credentials are the biggest risk to enterprise security. That's why Enzoic is focused on providing the industry with tools to detect and stop weak and leaked passwords.
We spoke with Greene about some of the most significant threats facing credential security and how partners can take steps to protect their clients from falling victim to them. I heard.
What are the most common mistakes employees make with passwords?
The most common mistakes result from users not understanding that having a complex password is not enough, and reusing passwords across accounts. Passwords can be complex and virtually impossible to guess, but this becomes meaningless if the password is compromised.
Additionally, humans are very predictable. We naturally follow predictable patterns, and hackers understand that too. They know these patterns and how to exploit them to great success. Hackers have access to a huge library of common and compromised passwords from countless sources. When passwords are compromised and users keep reusing them on countless sites, those sites become vulnerable and become targets for data breaches.
Solutions to this challenge include helping users overcome these patterns and matching passwords against a database of previously exposed credentials.
What are the biggest external threats facing password security?
The biggest external threat to password security for any business is a data breach that occurs on a third-party site or service. If an employee of your organization had an account on a compromised site, they are likely using the same or similar passwords on your company's site. This means that hackers can access the credentials that work on your company's site.
Part of the problem is that organizations can't control the security of the sites their staff visit on their personal time, so they can't prevent the effects of a data breach. In many cases, you won't even know a breach has occurred until it's too late. To prevent this threat, companies need to understand whether employees are using or attempting to create passwords that were previously compromised as part of a third-party breach.
How can Zero Trust principles help prevent security breaches?
Zero Trust principles help prevent security breaches by ensuring that you are verifying identity and authorization before allowing someone to access anything on your network. This is in contrast to previous approaches that assumed that everyone within the corporate network perimeter was trusted and granted full access to everything inside.
Instead, Zero Trust continually verifies a user's identity every time the user attempts to access a new area or resource. This is effective in preventing compromises from both internal and external threats. However, Zero Trust principles do not work on their own when users' authentication credentials can be found on the dark web or easily guessed by hackers.
What role should biometrics play in a strong security posture?
There are three possible types of authentication: That is, something you know (such as a password), something you have (such as a token device), and something you are (biometric information such as a fingerprint). Unfortunately, each of these authentication factors has potential weaknesses.
Given the current state and nature of biometric technology, the current version of the NIST 800-63B guidelines for authentication only proposes “limited use of biometrics,” and even then, Only combined use is recommended. The best security posture comes from protecting company accounts and assets with strong, secure passwords. Additionally, many biometric systems have passwords as a backup, negating any security benefits of these systems.
Are there steps organizations should take to ensure their most privileged credentials are protected?
Privileged accounts such as IT administrators and financial professionals are very attractive targets for hackers, so it's important to protect them as strongly as possible. A good first step is to limit the number of these accounts to reduce potential targets. Organizations do this by using the principle of least privilege (PoLP) to identify which accounts actually require elevated permissions and which accounts can have reduced permissions to reduce potential risk. You can do it.
For accounts that require elevated privileges, ensure each account has a secure password and audit usage of these accounts to identify potential breaches as soon as possible. You can take defensive measures such as:
How can MSPs and resellers support their clients' password authentication strategies?
Organizations rely on partners to identify what really matters and apply common-sense best practices in cybersecurity technology. All companies should take an active interest in their security, but at the end of the day, they should be focused on running their business. That's where MSPs and resellers can step in and leverage their security expertise and extensive industry knowledge to identify potential gaps in their clients' defenses.
Regarding credentials, partners can support clients in following NIST certification guidelines, eliminate the use of common, easy-to-guess or compromised passwords, and remove requirements for regular password changes and password complexity. can. Weak or stolen credentials are a problem. With hacking-related data breaches one of the culprits, MSPs and resellers can apply password-strengthening solutions as a cost-effective way to keep their clients protected.
Enzoic's real-time alerts and actionable intelligence play a vital role in enabling this proactive response to password-related threats. Through our proprietary data systems, we collect, enrich, and distribute this data within a secure and highly available framework. Our tools provide automated remediation and automatically prompt password resets if a password is compromised, ensuring our client's defenses are not only reactive but also proactive against the latest breaches. Guaranteed to be strengthened.
The post How MSPs and Resellers Should Approach Cybersecurity first appeared on Enzoic.
*** This is a syndicated Security Bloggers Network blog brought to you by Blog | Security Bloggers Network. Created by Enzoic. Read the original post: https://www.enzoic.com/blog/how-msps-and-resellers-Should-approach-cybersecurity/
