April 5, 2023
Unauthorized access is when someone gains access to a device, network, server, data, or another system without permission. Typical motivations for cyber-attacks include gaining access to your clients’ and your own internal sensitive data, holding the data hostage as part of a ransomware attack, or simply causing damage. Per Sophos’ The State of Ransomware 2022 report, 66% of respondents had been hit by ransomware in the past year – up from 38% in 2020. The report also noted that 72% of respondents saw increased volume, complexity, or impact of cyber-attacks.
Cyber-attacks are especially dangerous for mid-sized businesses. According to a 2023 Huntress report, cyber-attacks are the number one threat. The stakes of a cyber-attack are high – 60% of cyber-attack victims are out of business in six months. Fortunately, there are measures that mid-sized companies can take to strengthen their security posture against attackers.
Identity and Access Management (IAM) refers to the policies, processes, and tools used to ensure users only have access to data they have the proper credentials for. IAM practices are more important today than ever. According to Verizon’s 2022 Data Breach Investigations Report, 80% of web application attacks utilized stolen credentials. Additionally, the National Security Agency and the Cybersecurity and Infrastructure Security Agency state, “excluding breaches based on user error and insider misuse, 40% of breaches involved stolen credentials and nearly 20% involved phishing.”
Implementing a documented set of policies and procedures for identity governance enables your organization to consistently manage its digital identities and data access with better control and visibility. These policies should include the principle of least privilege (described below). Other policies may include password strength guidelines, regular audits of active and inactive accounts, and access reviews. Your organization can dramatically improve its security posture and reduce unnecessary risk by establishing and following best practice procedures.
The principle of least privilege is that users should only have access and authorization to the minimum resources required to do their job. Limiting account privileges reduces the potential damage from a cyber-attack due to unauthorized access. An organization with too many users holding vast access privileges substantially increases its risk. A bad actor breaching a privileged account can do widespread and long-lasting damage by accessing sensitive data or installing malware. The goal of least privilege is to balance usability and security so that your users have everything they need to perform their duties without exposing your company to unnecessary risk.
By now, we’ve all experienced multi-factor authentication (MFA) in some form. After entering a password to log into an account, the user is prompted to authenticate their identity using a second “factor.” This is often a text or phone call to a registered number. MFA helps mitigate the weakness of passwords, which can be stolen through various means. If an attacker discovers a user’s password, the second factor stops the attacker from accessing the account. It also alerts the user to the fraudulent sign-in attempt so they can change the password. MFA is one of the easiest ways to protect your data against unauthorized access.
Dewpoint security experts can help your organization assess its current security posture, identifying and prioritizing improvement areas. For ongoing security support, our Vulnerability and Threat Management services will help you increase your organization’s resilience to threats. Chat with a Dewpoint expert today to get started.