Why compromised logins are every CIO and CISO’s nightmare!

The real, $940 million risk of sharing credentials or having weak login information!


Last week, a federal judge awarded Epic $940 million in damages ($240 million in compensatory damages and $700 million in punitive damages) in its suit against Tata. Tata plans to appeal the decision.

At the centre of the lawsuit is the unauthorized access to confidential information by Tata employees. Court documents indicate that an employee of Mumbai, India-based Tata shared login credentials with others, who then accessed the web portal of the Verona, Wis.-based vendor. This sharing of credentials is a growing worry for CIOs and security professionals, and the ease with which it happened elevates that concern.

“This is basically every CIO and CISO’s nightmare — unauthorized access to sensitive data and information by offshore contractors that are a direct or indirect part of their supply chain,” Avivah Litan, vice president and distinguished analyst at Gartner, a technology research company, told the Wall Street Journal.

One of the most worrying aspects about a potential attacker gaining access to your network using compromised credentials is that you’re unlikely to find out about it straight away. Once an attacker is in using a legitimate login, there’s no reason for your anti-virus, anti-intrusion and firewall to believe that the person accessing the information is not legitimate — so it might take a stroke of luck or a particularly eagle-eyed IT administrator before you catch the perpetrator and limit the damage.

However, there are simple ways to help safeguard networks against compromised, shared and stolen credentials.

Unlike two-factor authentication, which can often get in the way of employees doing their job, these solutions are transparent to the end user and don’t impede your employees. It’s here that IS Decisions’ products UserLock and FileAudit can help.

For example, UserLock can restrict access to the organisation’s systems by workstation, device, department or time of day. If an attacker then does manage to get hold of an employee’s password, they still can’t log in unless they’re on site or using an approved device.

In addition, companies can implement FileAudit, which alerts administrators to unusual behaviour on the network, such as mass file deletion or copying.
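To show what such an alert amounts to in practice, here is an added example (written for this post, not FileAudit’s own logic or output format) that reads constructed file-access audit lines and raises an alert when one account deletes or copies a burst of files inside a short sliding window; the line format, window length and threshold are assumptions chosen for the illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WATCHED_ACTIONS = {"DELETE", "COPY"}   # bulk deletion or copying is the signal
WINDOW = timedelta(seconds=60)          # sliding window per user and action (assumed)
THRESHOLD = 5                           # events inside the window that trigger an alert (assumed)

# Constructed sample audit lines: "<ISO timestamp> <user> <action> <path>".
# This format is invented for the example; it is not FileAudit's real output.
SAMPLE_LOG = """\
2016-04-20T09:00:01 DOMAIN\\alice READ   \\\\fs01\\finance\\q1.xlsx
2016-04-20T09:00:10 DOMAIN\\bob   DELETE \\\\fs01\\hr\\offer1.docx
2016-04-20T09:00:12 DOMAIN\\bob   DELETE \\\\fs01\\hr\\offer2.docx
2016-04-20T09:00:15 DOMAIN\\bob   DELETE \\\\fs01\\hr\\offer3.docx
2016-04-20T09:00:20 DOMAIN\\alice DELETE \\\\fs01\\finance\\tmp.xlsx
2016-04-20T09:00:30 DOMAIN\\bob   DELETE \\\\fs01\\hr\\offer4.docx
2016-04-20T09:00:44 DOMAIN\\bob   DELETE \\\\fs01\\hr\\offer5.docx
2016-04-20T09:05:00 DOMAIN\\alice DELETE \\\\fs01\\finance\\old.xlsx
2016-04-20T09:05:02 DOMAIN\\alice DELETE \\\\fs01\\finance\\old2.xlsx
"""

def parse_line(line):
    """Split one audit line into (timestamp, user, action, path)."""
    ts, user, action, path = line.split(maxsplit=3)
    return datetime.fromisoformat(ts), user, action.upper(), path

def detect_mass_activity(lines, window=WINDOW, threshold=THRESHOLD):
    """Return one alert per (user, action) burst in which `threshold` watched
    events fall inside a sliding `window`. Alerts are (timestamp, user, action, count)."""
    recent = defaultdict(deque)   # (user, action) -> event timestamps still inside the window
    alerted = set()               # bursts already reported, so each fires once
    alerts = []
    for line in lines:
        if not line.strip():
            continue
        ts, user, action, _ = parse_line(line)
        if action not in WATCHED_ACTIONS:
            continue
        key = (user, action)
        q = recent[key]
        q.append(ts)
        while q and ts - q[0] > window:   # discard events older than the window
            q.popleft()
        if len(q) >= threshold and key not in alerted:
            alerts.append((ts, user, action, len(q)))
            alerted.add(key)
        elif len(q) < threshold:
            alerted.discard(key)          # burst has ended; re-arm for the next one
    return alerts

if __name__ == "__main__":
    for ts, user, action, n in detect_mass_activity(SAMPLE_LOG.splitlines()):
        print(f"{ts.isoformat()} ALERT {user}: {n} {action} events within {WINDOW.seconds}s")
```

In the sample, bob’s five deletions within 34 seconds trigger one alert, while alice’s scattered deletions never reach the threshold inside a single window.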

Download the free 30-day trial versions to see for yourself.

A joined-up approach

As the high-profile security breaches continue in 2016, IT professionals must take a joined-up approach of better user education and technology solutions across the whole enterprise.

Here’s a 12-step guide to help future-proof your organization and most effectively mitigate this type of insider threat.

12 steps addressing insider threat

Chris Bunn is the Directeur Général Adjoint of IS Decisions, a global cybersecurity software company, specializing in access management and multi-factor authentication for Microsoft Active Directory environments and the cloud.
