Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Cybersecurity: Lost Your Keys?
From time to time we all lose our keys. The solution for physical keys is simple – find the spare set and head down to your local hardware store so they can make you a new set. The only time you have to worry about re-keying is when there isn’t a spare set. None of this is a huge deal, because what are the chances that whoever finds your lost key will try it in enough locks to miraculously find your door?
But what if your keys are stolen? And what if they were stolen from a third party with whom you’d shared them? Then things get a little more complicated as you may have to change the locks. It’s an inconvenience for sure, but not a catastrophe.
In the cyber world these scenarios differ in one important way: in the case of theft the culprit may well know what door – or in the digital space, what services – can be accessed with those keys. Your risk increases further when the stolen keys came from a trusted third party that offers the very services the keys are used to access.
When this happens you must re-key. In some situations, re-keying might be as simple as changing a user’s password or re-generating an API secret key. Then you update the places where those authentication items are used. In other cases, though, there may be hundreds of users or services utilizing the stolen API key, making the update process a far more tedious one.
In these complicated situations, where there’s a time delay involved in re-keying, you should consider these additional monitoring steps:
It’s a given that from time-to-time service providers will lose our keys, so what can we do to pre-empt and limit the impact? Consider:
These sorts of breaches are annoying under the best of circumstances (and catastrophic in the worst), but the good news is there are tried and true ways of mitigating the damage.
If you have questions, give us a call.
Let us know what you need, and we will have an Optiv professional contact you shortly.