Beringer Associates Technology Blog
Did you know that 75% of network attacks and intrusions come from exploiting weak or stolen passwords? How about that the average amount of time an attacker stays in a network before being detected is over 140 days? Once inside the network it’s next to impossible to tell what that attacker has done. We’ve all seen the repercussions from such attacks in the news.
So how do you prevent yourself or your company from falling victim to such an intrusion? Well, the obvious answer is to have a secure password that changes periodically. Unfortunately that is only a small piece to the puzzle of securing your credentials. Even the most secure password can be hacked through a virus, using another account that you don’t control to access the network or social engineering that tricks a user into giving up a password. Sure you can get virus protection but how do you combat human error?
Multi-factor authentication (MFA) is an authentication mechanism that requires a user to use more than one method to allow login. This is typically something you know (username/password) and something you have (mobile phone). After you enter in your username and password you will typically be asked to verify on a trusted mobile device via an app, text message or phone call. So if someone has your credentials it is still not enough for them to gain access to your systems.
For full peace of mind, Advanced Threat Analytics (ATA) comes in to be the watchdog for your network. ATA uses behavioral analysis to learn user behavior and alert when things seem out of the norm. Think of it like the your credit card company when you get a call to say that they just saw that you charged $500 at an electronics store in Europe. Chances are that wasn’t you and they knew that. ATA works in a very similar fashion. If your account was logged on in NJ at 9am then logs on in the Czech Republic at 10am, something fishy is going on. ATA alerts on this and allows the issue to be remediated immediately as well as tracks the users access throughout the network. It also goes a step above and beyond that by monitoring the network for known malicious attacks such as pass-the-hash, brute force, etc.
IT security is ever changing and there is no one solution that covers all the possible threats. Contact Beringer today to discuss your risks and the options available to keep you protected.