Brown’s Bytes – The Inconvenient Security Truth?
Welcome to Brown’s Bytes! Your weekly insight from Mobliciti’s CTO Andy Brown. Follow #brownsbytes
23rd June 2017
I recently spent some time with Jeff Kukowski & Keith Graham (CEO & CTO of SecureAuth) when they were in the UK. As part of a briefing we did together for our customers they included some key facts from the latest Verizon Data Breach Investigations Report that I think need to be called out in isolation:
1. Last year there was more spent on security solutions than ever before, but it was also a record year for security breaches.
Simply put – either the threats are growing faster than the solutions being implemented, or the wrong solutions are being implemented! This is scary stuff, but then consider that
2. The Number 1 way that attackers get in is… VALID CREDENTIALS!!
Is this the problem? Security solutions are letting bad guys in because the username/password they’re using is correct – it’s either been compromised, guessed or even deliberately shared by a rogue employee.
I believe that Multi-Factor Authentication is now a must for all organisations. It is the context of the authentication that protects against the use of valid credentials by attackers – even if the password is correct!
This is precisely why we’ve partnered with SecureAuth. Their technology makes life very hard for the bad guys, whilst making life easier for the genuine users… whether they’re authenticating to Cloud Services or traditional VPN and on-premise infrastructure.
I’d strongly recommend looking into this further if it’s not on your security radar already. For more information on how we can help then get in touch.