<img src="https://secure.leadforensics.com/32105.png" style="display:none;">

Single Employee Credential Wreaks Havoc For US-based, Cyber Vendor

You may have seen in the press this week that a major, US-based, cyber security vendor fell victim to a data breach. This particular breach involved compromised employee credentials enabling unauthorised access to company data and proprietary software. Whilst the full impact is unknown at present, this does mean there is a risk of consequential breaches that could occur as a result of the proprietary information and technical 'know how' that was stolen.

The implications of data breaches can be costly for any organisation. From reputational damage to the financial impact, with the average cost coming in at £3.2m in 2021, through system downtime, loss of business, and fines. Not taking into consideration the unknown consequences of loss of intellectual property and technology “secrets”. Our practical advice for any organisation is to regularly review processes around security and user access so that external factors cannot negatively impact the wider business, whether it be private data, financial risk or something else.

Other actions to ensure your enterprise is secure:

  • Use Single Sign-On (SSO) to implement passwordless authentication, using open security standards such as SAML and OIDC to replace passwords with secure tokens
  • Where passwordless authentication is not yet supported, leverage an Enterprise Password Manager to enforce use of high-entropy and unique passwords
  • Enable multi-factor authentication on all business-critical applications or for access to your identity management solution
  • Remove redundant user licences.

We encourage all users of any cyber security products to audit the policies and procedures used for managing users and employees. We regularly review our own user processes and would encourage all organisations, based on this latest breach, to do the same. It's not just about technology, it's about people and process too.

Find out more on how organisations are protecting themselves against data breaches.

Back to Blog

Related Articles

My1Login named Winner at the 2021 Cloud Excellence Awards

My1Login is delighted to announce that it has been named the Cloud Security Product of the Year for Identity, Access and Authentication at the 2021 Cloud...

What is the Business Cost of Manual User Deprovisioning?

With the average enterprise using 288 different cloud applications, the task of provisioning and deprovisioning user access has become increasingly complex. Manual...

Cybersecurity Myths Still Believed In 2022

The nature of the threat landscape posed by cybercriminals to organisations is far from static, and both the techniques employed by attackers and the methods used...