Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
© Copyright 2016 - IS Decisions S.A - All right reserved
UserLock and FileAudit are trademarks of IS Decisions S.A
All num...
Upcoming SlideShare
Loading in …5
×

Security Breaches from Compromised User Logins

Stop blaming your users for compromised passwords. Bolster your defense against security breaches that stem from both stolen and shared user login credentials.
For IT security administrators it's tough to identify malicious network access from valid credentials. Rather than blaming users for being human, our latest infographic shows you how to better protect users' authenticated logins.
By taking a closer look at the contextual information around the logon or file access, you can identify and stop network access when credentials have been compromised.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to comment

  • Be the first to like this

Security Breaches from Compromised User Logins

  1. 1. © Copyright 2016 - IS Decisions S.A - All right reserved UserLock and FileAudit are trademarks of IS Decisions S.A All numbers are from IS Decisions’ research into the access security priorities of 500 IT Security Managers in the US and UK. http://www.isdecisions.com/user-security-versus-user-productivity/ Transparent security that does not impede end users and hinder productivity Fast implementation and easy to manage Non-disruptive technology that doesn’t frustrate IT departments www.fileaudit.com FileAudit monitors and alerts on all file access and access attempts. Contextual functions help detect any malicious access and alteration of sensitive information on Windows systems. FileAudit www.userlock.com With context-aware user login rules, real-time monitoring and risk detection tools, UserLock works alongside Active Directory to guard against compromised logins on Windows systems. UserLock TWO SOFTWARE SOLUTIONS FOR WINDOWS ACTIVE DIRECTORY NETWORKS Make sure authenticated users are who they say they are, identify any ‘risky’ behavior and put a stop to it before it ends up costing capital, customers and your company’s reputation. Compromised credentials can happen to everyone - Don't let it be you Attackers are after data, and for that they must access it before they can extract it. Visibility is key. If the adversary had valid, authorized credentials, it becomes critical to monitor all access to sensitive data. Not only unauthorized, but authorized as well. 31% of companies’ currently monitor user behavior to guard against compromised credentials MONITOR ALL ACCESS TO SENSITIVE DATA 4 report Set rules that automatically allow or deny a login connection requested. Set restrictions on location, IP address, time of day, number of simultaneous sessions, number of initial access points. Modified at any time all changes shouldbeappliedinreal-timeandeffectiveimmediately. 31% of companies’ currently use contextual access restrictions to guard against compromised credentials SET CONTEXTUAL ACCESS CONTROLS TO LIMIT END USERS ACCESS 3 rules Set real-time alerts on specific events so you can identify if authenticated credentials have been compromised and immediately stop network access. 54% of companies’ currently use abnormal logon activity alerts to guard against compromised credentials SET ALERTS ON ABNORMAL LOGON ACTIVITY 2 access denied ! Your users will have already been assigned logins, but you won’t know if abnormal behavior is happening if you don’t know who is connected from which workstation or device and since when. 47% of companies’ currently use real-time monitoring to guard against compromised credentials IMPLEMENT REAL TIME MONITORING OF ACCOUNT LOGON ACTIVITY 1 Stop blaming users and start better protecting users’ authenticated access. TO STOP COMPROMISED LOGIN ACCESS EASY STEPS4 connected from home 11:23 pm copying copying copying copying For example: Simultaneous logins from locations too far apart to make any sense, or sequential logins with different credentials being used from an existing impossible journeys 46% For example: Login attempts from outside normal business hours sudden change in working/office hours 48% For example: A repetition of failed login attempts or password resets. password resets reset pASSWORD 48% For example: Login attempts from an unlikely session type, location or device. Implausible remote access 58% LOGged LOGin For example: Copying, deleting or moving of a large number of files en-mass. Unusual resource usage 59% The top five signs are top for a reason — because they are the usual suspects when it comes to identifying if someone uninvited has breached your network. WARNING SIGNS OF COMPROMISED CREDENTIALS YOU SHOULD BE LOOKING OUT FOR5 hacked database including user credentials 22% password duplication 29% Private Password xabc3 Corporate Password xabc3 social engineering 35% E-mail SPAM key-logging malware 37% password sharing with colleagues 38% PASSWORD phishing 58% LOGIN PASSWORD But users are human. They are flawed, careless and often exploited. Security must be there to protect users from both careless and malicious behavior and to protect the business from outsiders trying to gain access by pretending to be employees. It’s easy to blame your users. It’s your end-users that are often endangering your network. HOW LOGIN CREDENTIALS ARE EFFORTLESSLY COMPROMISED Compromised credentials are key to avoiding network breach detection. They belong to an authenticated user with authorized access! 45%of data breaches are as a result of compromised credentials ---------------- 80%of organizations believe detecting possible compromised credentials is important How to bolster your defense against security breaches that stem from stolen and shared user login credentials STOP BLAMING YOUR USERS FOR COMPROMISED CREDENTIALS

    Be the first to comment

    Login to see the comments

Stop blaming your users for compromised passwords. Bolster your defense against security breaches that stem from both stolen and shared user login credentials. For IT security administrators it's tough to identify malicious network access from valid credentials. Rather than blaming users for being human, our latest infographic shows you how to better protect users' authenticated logins. By taking a closer look at the contextual information around the logon or file access, you can identify and stop network access when credentials have been compromised.

Views

Total views

182

On Slideshare

0

From embeds

0

Number of embeds

1

Actions

Downloads

1

Shares

0

Comments

0

Likes

0

×