Context-Aware Security Leaves Leaked Employee Passwords Useless


At 221 of the leading Fortune 500 companies, employees’ credentials are posted publicly online for hackers to steal and reuse in cyberattacks. This research is just one of many stories we see every year about how leaked employee passwords leave companies vulnerable to hackers who can use the data to break into networks or mount phishing and social engineering attacks.

The result of these stories is often a call for a replacement to passwords with biometrics and tokens. However, I don’t believe that the password needs to die out at all — rather how we protect our passwords needs to change. Many organizations think that means multi-factor authentication (MFA), which adds layers of security to authentication, but research from IS Decisions has found that 62% of organizations don’t use MFA, citing complexity and time as the biggest barriers to adoption.

Many organizations are turning instead to context-aware security to protect their passwords. It doesn’t impede the end user like MFA does, and it doesn’t take the IT department lots of time to set up and manage.

UserLock is one such solution. It offers Windows server administrators this contextual access protection to prevent internal and external threats related to compromised credentials.

Context-aware security uses information supplemental to the password to decide whether access is genuine or not. This supplemental information can take the form of what device the user is using, the geographical location the user is logging in from, the time of day the access attempt is taking place, the number of simultaneous logins, and many other factors. Using this information, administrators can set granular access rules, such as allowing access only to those logging in from the workstations in a particular department of a building. Any attempt to log in outside of those perimeters is automatically denied and the network is protected.

Real-time context-aware monitoring also means that other suspicious activities that could be seen as potential security risks are red-flagged. Administrators are alerted and can then grant or deny access with a quick click.

What all this contextual information means is that if passwords are leaked or stolen, data remains secure because cybercriminals won’t be able to get access. The password they get their hands on becomes useless.
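The rule evaluation described above can be sketched as follows. This is an added example, not code from the original post and not UserLock's own code or API: the policy fields, host names and addresses are constructed for illustration, and the source network stands in for geographical location.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Policy:                     # hypothetical rule set for one department
    workstations: frozenset       # lower-case host names allowed to log in
    networks: tuple               # source ranges standing in for location
    start: time                   # earliest permitted logon time
    end: time                     # latest permitted logon time
    max_sessions: int             # simultaneous sessions allowed per user

@dataclass(frozen=True)
class Attempt:
    user: str
    password_ok: bool             # outcome of the ordinary credential check
    workstation: str
    source_ip: str
    when: datetime
    open_sessions: int            # sessions this user already has open

def evaluate(policy, attempt):
    """Return (allowed, reasons); reasons are what would be flagged to an admin."""
    reasons = []
    if not attempt.password_ok:
        reasons.append("bad password")
    if attempt.workstation.lower() not in policy.workstations:
        reasons.append("workstation not permitted")
    try:
        addr = ip_address(attempt.source_ip)
        if not any(addr in net for net in policy.networks):
            reasons.append("source network not permitted")
    except ValueError:            # unparseable address: fail closed
        reasons.append("source address invalid")
    if not (policy.start <= attempt.when.time() <= policy.end):
        reasons.append("outside permitted hours")
    if attempt.open_sessions >= policy.max_sessions:
        reasons.append("simultaneous session limit reached")
    return (not reasons, reasons)

# Constructed sample data: one department policy and two logon attempts
FINANCE = Policy(frozenset({"fin-ws-01", "fin-ws-02"}),
                 (ip_network("10.20.30.0/24"),), time(7, 0), time(19, 0), 1)
GENUINE = Attempt("alice", True, "FIN-WS-01", "10.20.30.15",
                  datetime(2016, 10, 25, 9, 30), 0)
LEAKED = Attempt("alice", True, "UNKNOWN-PC", "203.0.113.50",
                 datetime(2016, 10, 25, 3, 12), 1)   # correct password, wrong context

if __name__ == "__main__":
    for a in (GENUINE, LEAKED):
        print(a.workstation, evaluate(FINANCE, a))
```

Both attempts present the correct password; only the context differs, and the second is denied with every failed rule listed for the administrator.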

Reviewed this week by HelpNet Security as “easy to configure and manage”, UserLock is given ‘5 out of 5’ and summarized as follows:

Review: IS Decisions UserLock

October 25, 2016

“Stolen user credentials were at the root of some of the biggest hacks in the last few years. UserLock is a powerful product that focuses on preventing the internal and external threats related to compromised credentials, by providing the administrators with detailed options for monitoring and restricting access to their Windows-based networks.”

Read the full review here


Chris Bunn is the Directeur Général Adjoint of IS Decisions, a global cybersecurity software company, specializing in access management and multi-factor authentication for Microsoft Active Directory environments and the cloud.
