The migration of resources to the Cloud has been the common denominator in company business strategies over the last two years, coupled with a rising number of incidents involving the theft of sensitive information and user passwords on Cloud platforms. According to the Verizon Data Breach Report 2021, in 2020 real-time security incidents were detected, out of which were confirmed data breaches. The report indicates that attacks on web apps still represented a significant cybersecurity issue, accounting for 89 breaches in 2020, of which 61 exploited compromised credentials.
Credentials can be stolen, bought, guessed, or found on the dark web, especially if users don’t protect their passwords securely or if the underlying technology lacks a secure structure. This isn’t just a problem for users but also for companies, as their reputations can be damaged by data breaches.
Implementing identity management and access control policies is key to protecting a company’s confidential information. When users access a protected service, requesting information in addition to the password provides another security layer and proves a reliable tool to reduce data breaches in mobile apps. Multi-factor authentication (MFA) requires users to provide two or more pieces of information, such as the password associated with the username plus a push notification, a time-based one-time password (OTP), or other factors supported by their service or application.
Another effective solution to prevent this type of account theft is an endpoint protection platform (EPP). Through a portfolio of techniques based on local caching, behavioral heuristics, and intelligence feeds, security platforms can detect malware and other types of threats at endpoints that could lead to data breaches, such as credential theft through phishing.
Another common element is the adoption of Authentication as a Service (AaaS). As companies migrate their services to the Cloud, CISOs incorporate services with Cloud authentication capabilities when implementing their strategy so that institutions can verify customers safely through multi-factor authentication (MFA). This enables organizations to protect access to any application, from any device, anywhere in the Cloud.
Given the risk of credential theft, we shouldn’t forget the important role played by Host Sensors, which are capable of collecting data on any type of anomaly detected and sending it to the Cloud for analysis. The way data is collected is fully configurable in this type of solution, pinpointing parameters such as files, processes, network connections, and registry keys in the host. With this information, security systems can take appropriate action to address certain types of threats depending on the configuration, in order to prevent credential theft. A good example would be someone who has gained access to a user’s computer and is trying to force privileged access to servers.