Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Recovering From a Credential Breach, Part 2
In part 1 of this blog series, I discussed the impact of credential theft on consumers and what they can do to protect themselves. In part 2, I discuss steps that an organization needs to take if any of its users’ credentials are stolen.
Probably the most important step to take when a user suspects that his or her user account has been compromised is to notify the organization’s IT service desk. End users should notify the IT service desk right away in the event of the loss or theft of a laptop computer, tablet or smartphone. In turn, the service desk should take the following steps:
If the organization experiences a compromise of one or more privileged accounts, the company needs to take the same steps as listed above as well as closely monitor activity on privileged accounts to ensure that all activities are authorized.
In relationships with third parties, this can become much more complicated. There are several considerations for organizations with third-party personnel who have privileged access to one or more of the organization’s critical systems:
End users whose credentials have been compromised should be advised to select quality passwords and use a password vault as described in part 1 of this blog series. Further, the organization might consider making password vaulting tools such as Password Safe or KeePass available for all users and, perhaps, even included on standard machine images.
The potential loss of user credentials should compel an organization to consider implementing multi-factor authentication, which would blunt the impact of a breach of login credentials. While more expensive hardware token solutions are still available, many organizations are opting for less expensive and onerous solutions that utilize software tokens in smartphones or SMS messages. The latter is now considered deprecated by NIST so proceed with caution; more information available here: https://pages.nist.gov/800-63-3/sp800-63b.html.
Organizations using tools to manage privileged accounts may have an easier time responding to credential theft. Capabilities may include the instant invalidation of credentials, the ability to detect unauthorized access and the creation of new credentials. The capabilities of any such tools in use need to be understood and incorporated into security incident playbooks for account compromise scenarios.
Let us know what you need, and we will have an Optiv professional contact you shortly.