Hackers are dedicated to getting into and compromising your systems. They can use sophisticated coding techniques to get around or break through your security defenses. Unfortunately, many times that type of extensive effort isn’t necessary because organizations make it easy for hackers to steal credentials by failing to have adequate defenses in place.
Nearly two out of every three confirmed data breaches involve weak, default, or stolen passwords.1 In total, according to Microsoft, tens of millions of credentials are exposed every month and are added to growing lists on the dark web. These stolen user IDs and passwords are extremely valuable to cyber thieves since three of every four users re-use credentials across multiple sites and continue to use the same credentials for years.2
Chances are many of your users’ credentials are included in these publically posted lists. They represent a ticking time bomb that can shatter the security of your system at any time. Up to now, it’s been difficult to find out which users’ identities and passwords have been compromised. But new functionality from Microsoft now enables you to detect these leaked credentials and take rapid corrective action to defend yourself.
Microsoft’s Azure Active Directory (Azure AD Premium Plan 2) is an identity and access management cloud solution that provides directory services, identity governance, and application access management. A new feature of Azure AD scours the dark web to discover account credentials that have been posted publicly. Azure AD Premium customers now have access to a report that details this information so they know which credentials have been leaked so they can better protect their systems and data.
This new feature is just the latest in a long line of other security capabilities of Azure AD Premium Plan 2. The solution helps to secure your application portfolio with one identity that provides single sign-on for all apps. You can further control access with this functionality based on device state, user, location, application, and risk.
Azure AD also offers multi-factor authentication (MFA) capabilities providing more protection by requiring users to have a security token or biometric verification in addition to their passwords to gain access to your system. The solution also provides additional oversight of user privileges and just-in-time administrative access.
Cybercriminals are working hard to overcome your security systems and gain access to your data. The increased security protection for your credentials is included as part of the Microsoft EMS E3/E5 bundle license.
Contact Interlink Cloud Advisors to learn more about this valuable defense that can help find and stop leaked information from compromising the security of your systems.
For more information on Ransomware, check out this blog from our partner at Peters & Associates.
1 63% of Data Breaches Involve Weak, Default or Stolen Passwords, by Neil Ford, IT Governance, May 4, 2016.
2 Azure Active Directory Premium reporting now detects leaked credentials, by David Howell, Microsoft Cloudblogs, June 15, 2015.