As Cyberattacks Continue to Surge, Dynamic Password Controllers are More Valuable Than Ever
By: Furkan Kirmaci
Reports of cybercrime shot up by almost 70 percent in the US compared to 2019, as the lockdown created an ideal environment for cybercriminals. However, phishing and ransomware remained the most common approach, accounting for 33 percent of all cyberattacks.
One area of security that got hit hard by the rise in cybercrime was password protection. It was found that an estimated 81% of data breaches are due to poor password security and that 543 million employee credentials for Fortune 1000 companies are circulating on commonly used underground hacking forums, a 29% increase from 2020.
One of the main reasons for the increase in password-associated breaches is the fact that many employees will usually reuse a password for both their home and work accounts, making it easy for cyberattacks to go from one to the other. The average person reuses each password 14 times, with at least 60% of people reusing passwords across multiple sites regularly, while 48% of workers use the same passwords in both their personal and work accounts.
With cybercriminals getting smarter and their tactics becoming more resilient to conventional cyber defenses, cybersecurity must be a priority for organizations today. Driven by new global connectivity and increased usage of cloud services, both inherent and residual risks are growing, meaning organizations must be proactive when it comes to password protection or run the danger of paying the consequences.
This is where Ironsphere’s Dynamic Password Controller can make a difference.
Dynamic password is a technique in which a password does not remain the same, meaning it will constantly change, making it more difficult for a cybercriminal to guess.
Ironsphere’s Dynamic Password Controller (DPC) is a password vault that stores and rotates SSH keys and passwords of privileged accounts, centrally and securely, in which the technology generates searchable log records and audit trails to meet security and compliance requirements.
The Ironsphere DPC offers a myriad of security benefits to organizations looking to ward off cyber criminals from their privileged users’ passwords.
To start, Ironsphere’s DPC ensures maximum password strength through the use of randomly generated, one-time passwords, which greatly increases the difficulty for cybercriminals to access privileged accounts using passwords.
The passwords generated by Ironsphere’s DPC also expire within 300 seconds of confirmed use, making sharing passwords virtually impossible amongst co-workers. Additionally, 42% of people share their work login credentials to work together with their teammates, making this a huge cause of leaked passwords and adding to the amount of accounts a hacker can access once in.
Finally, with the Ironsphere DPC, privileged users can request a reservation for a password checkout, which is extremely beneficial for maintenance activities, and when there is a specific time slot during which the user needs to access the device. If a user reserves the password for a specific time frame, another user cannot check it out during that time frame, meaning only one user can use the password at a time for peak security.
As the world continues to become more digitized, the volume of concerns towards cybersecurity will only increase. Password management for several privileged accounts on its own is a cumbersome task, and adding security, compliance, and audit layers requirements on top of that makes it virtually impossible to manage without a specialized system.
And with an estimated 81% of data breaches occurring due to poor password security, while dynamic passwords are not the newest innovation in cybersecurity, they will play a big part in fighting against hackers looking for an easy cyber attack opportunity. Ironsphere’s DPC eases lives immensely, letting organizations and employees rest easy knowing their privileged accounts are safe and secure from vicious cyberattacks.
Learn more by reading our new Solution Brief here.
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.