Protecting your company’s digital assets starts by increasing online security in the workplace. One of the most common ways data breaches occur is by compromised credentials. According to the 2018 Verizon Data Breach Investigations report, 22% of all Cybersecurity breaches involves the use of stolen credentials, making it the #1 risk. Phishing and privilege abuse, also rank on top-5, all related to compromised credentials.
While Security Information and Event Management (SIEM) solution like LogPoint is the cornerstone of corporate cybersecurity and the most effective ways to detect the use of compromised credentials, increasing cybersecurity at the workplace is very much about awareness and changing user behavior to the better.
We will revert to the benefits of a SIEM solution, but here are three simple ways to reduce the risk of compromised credentials involving a tool, increased awareness and simple training & testing in the workplace:
#1: Use a Password Manager
Password Managers are simple tools that offers a wide variety of security benefits. They allow for unique securely generated passwords. For simplicity, many people use the same password on all their logins, which is a horrible practice. A password manager would allow them to create a password like: TkT9MIFwF%ogp7a2GelaY$!t for their e-mail account and ptxjPds9YfKVTN%$Ey^%qn1A for their database login. All without having to remember either one.
Many Password Managers also have the capability to change your password to various applications for you automatically. We highly recommend changing your passwords a minimum of every 90 days, but preferably 30 days.
Whatever Password Manager you pick, be sure it supports multi-factor authentication to avoid a bad actor from getting all your passwords by knocking down one door. Examples of multi-factor authentication could include Text Message Approvals or Google Authenticator.
#2: Watch out for Phishermen
It’s easy to get distracted and click on a link in an otherwise legitimate-looking e-mail. Phishing e-mails are getting better and better by the day at disguising themselves as legitimate. Some will even carry on a conversation with you if you reply. Long gone are the days of it being as obvious as a Nigerian Prince owing you money. Fighting the Phishermen is very much about awareness.
Imagine this scenario: you get an e-mail from your boss that asks you to upload a file. The e-mail looks legitimate, but your boss never asked you to upload a file to a website before. You reply to the e-mail and ask if it’s legitimate. The person on the other end simply replies back: „Yes“. What you didn’t notice is the e-mail came from [email protected] instead of [email protected], and the link URL was https://survey.compnay.com instead of https://survey.company.com.
‘You got hit by a spear phishing attack. The moral of the story? Always check the links you’re clicking on by hovering over them. When in doubt use the telephone to call and ask.
It is essential to raise awareness about Phishing and Spear Phishing among your employees. An efficient way of doing this is to use a simple online survey or learning games platform to run a multiple-choice test on which e-mails are legit and which are not. Show the results at the end of the test. This will make people think twice before clicking a dodgy link or download a suspicious file and can be repeated with regular intervals.
#3: Watch out for unknown USB Drives
If one of your employees found a USB drive on the ground in the parking lot, can you say with absolute certainty they will not use it on company computers? Those seemingly innocent USB Drives can contain lots of dangerous malware.
One of the best-known examples is a test run years ago by the US Department of Homeland Security. Security Staff secretly dropped USB drives in the parking lots of government buildings and private contractors. Of those who picked them up, 60 percent plugged the devices into office computers, curious to see what they contained. If the drive had an official logo, 90 percent were installed.
Awareness about the dangers of unknown USB drives has risen since then but educating your staff about the risk of using unknown USB drives is crucial. Plenty of organizations has tested their staff using the US Department of Homeland Security method, but the method has caused some controversy among employees. Alternatively consider giving all of your employees a cool company branded USB drive with an embedded antivirus/malware scanner or simply shut off USB drive access on company computers.
Use the LogPoint SIEM solution to get ahead of the compromised credentials risk
If an account gets compromised, wouldn’t it be nice to know and stop it before a data breach happens? That’s what the LogPoint SIEM solution can do for you. LogPoint ingests log data from across your network, including firewalls, storage units, active directory servers and applications like O365, SalesForce, and SAP. Out-Of-The-Box, LogPoint will connect with 400+ sources and non-standard sources can easily be integrated.
Once loaded into the SIEM, LogPoint advanced analytics will kick in and correlate that data to try and find indicators of compromise, attack or patterns of suspicious behavior and report to your security team. All in real time. Also, you can add User Entity Behavior Analytics (UEBA) to your SIEM solution, to leverage the power of advanced Machine Learning, enabling you to detect low and slow attacks by immediately spotting unusual patterns of activity and detect potential threats and incidents before they occur.
LogPoint is easy to use with lots of built-in content including dashboards, reports, a highly customized search engine. The LogPoint’s SIEM solution is designed from the ground up to be simple, flexible, and scalable, providing a streamlined design, deployment, and integration tools to open the use of SIEM tooling up to all types and sizes of businesses.
Contact LogPoint for more information about how we can help you protect your organization from the compromised credentials menace.