Without getting complicated, OneLogin, Okta, Centrify, Microsoft, RSA SecureID Access, SalesForce App Cloud, and even more basic password managers store user identities and login information. Using these services means that users only need to remember one password and all of their other logins are handled for them.
The most important thing about the OneLogin breach: It affects you and everyone else, not just the 2000 customers of OneLogin.
If you store information in the cloud, including information your customers entrust to you, and if your cloud provider uses OneLogin internally, then your sensitive information could possibly be accessible as well. Cloud-based service providers you use every day might use identity management.
This is another example of how someone else’s breach can hurt you, including exposing your customers’ sensitive information.
The big question is: How long have attackers had access? Thank goodness OneLogin at least identified that they’d been breached. Have any other identity management firms been breached without yet realizing it? What are attackers accessing around the world using stolen passwords?
Please forward this to anyone you know who may not realize that these single points of failure, holding login information for many services that even your service providers may use internally, are very attractive targets for attackers. One successful attack results in a goldmine of information, including yours.
Posted by Mike Foster in Best Practices, IT Security, LastPass, password, Password Manager, Password Safety, Password Security on June 21st, 2017.
Imagine giving each of your team members a loaner computer every time they need to open a file that they download or receive as an attachment. The loaner computers won’t be connected to your network, so if a file is infected, ransomware and other viruses would not affect your network.
Posted by Mike Foster in Bromium, Cyber Scams, Cyber Security, Cyber Security Breach, Download, IT Best Practices, IT Security, IT Virus, Ransomware, RSA, WDAG on February 23rd, 2017.