According to the Identity Management Institute, more than 90 percent of all cyberattacks are successfully executed with credentials obtained from unwitting users. Spear phishing attacks are the most common method used to steal this information. It is easy and inexpensive for cybercriminals to send a fake email with a malicious attachment or link that downloads spyware to the victim’s computer. The malware then quietly collects sensitive identity information, including credentials for company IT resources, and transmits it to the hacker.
In many cases, enterprise security strategies are not aligned with the greatest risk. Organizations tend to dedicate significant IT resources to network security, believing that firewalls, intrusion prevention systems and related technologies will stop attackers from gaining access to IT resources. Clearly, however, human error plays a significant role in security breach incidents. The people who have access to systems and networks are the weakest links in the security chain.
Training can help boost cybersecurity by reminding users of the risks associated with phishing attacks and social engineering techniques. Organizations should also develop and enforce strict cybersecurity policies related to user credentials and data loss prevention. That said, it is impossible to eliminate human error. IT teams must bolster education and policy enforcement with effective identity and access management processes.
Our last post, “Overcoming the Operational Obstacles to Privileged Account Security,” focused on privileged account management. The protection of privileged account credentials is especially critical because they provide hackers with virtually unfettered access to IT resources. However, all user credentials — including those of contractors, vendors, suppliers and customers, as well as employees — represent a potential vulnerability in any organization’s cybersecurity posture.
Think about all of the users accessing your systems, applications and data every day. Some may be working within the secure network but many others are working remotely from a wide range of devices and connections. Some IT resources may be housed within the secure data center but many others are scattered throughout the distributed enterprise and in the cloud. Each time a user accesses a resource, there’s a potential risk to the organization. All it takes is one compromised account to cause a security incident.
In order to combat today’s security threats, organizations need a balanced security approach that combines traditional network security solutions with governance-based identity and access management. Identity governance provides a holistic view of users and the resources they can access, with granular, automated management based upon centralized policies. A well-architected, robust solution will provide effective administration of users, roles and credentials, reducing the risk associated with orphaned accounts, excess privileges, and weak or shared passwords. We’ll take a deeper dive into identity governance in future posts.
The key takeaway here is that the network perimeter has become a porous boundary that exists wherever users access applications and data. Contact us to discuss how identity and access management can help reduce the risks associated with theft of user credentials and access exploitation.