Social Network For Security Executives: Network, Learn & Collaborate
The Deep Web contains nearly 550 billion individual documents. Search engines can only access 16% of the available information, this gives you an idea of the huge size of dark web. There is about 5+ Billion Leaked Credentials, Credit Card Breaches information available on dark web. In this blog, we will talk about Top 8 ways to handle leaked credentials incidents.
When comes to leaked credentials incidentas, employees awareness is of utmost important. Employees must be educated about the risks associated with the password reuse in different accounts. Employees should avoid using same password in corporate accounts as they have for social media accounts. Because when one of the account get breached, it gives hackers to do credentials stuffing and get access to your other accounts when same password has been reused.
Departments like HR should take care while clicking on the links in emails coming from employees who has left organisation. Because this might be an attacker disguising as past employees to get access to internal systems through HRs (the weak link). So all these departments should be educated about the impact of such incidents.
Weak passwords should be avoided throughout the organisation, and there should be a policy to have a stronger password (Not reused, not repeated, combination of characters, special characters, numbers, etc).
Employees must be restricted to use corporate Ids in their social media or for any personal use. Also the external corporate services or softwares which are associated with corporate Ids should be checked properly for any vulnerability causing leaked credentials incidents.
Passwords should be updated frequently based on the business criticality of the applications, and services.
As we know that every enterprises uses a lot of 3rd party applications like Salesforce, Google Applications, Enterprise Chat software etc for their corporate needs. And these applications are associated with corporate email ids. So, there are chances of getting your data breached from these 3rd party applications.
It is recommended to use multi factor authentication to control the access to accounts at your end.
There are always good chances of making mistakes and data getting breached. So, as a good practice, enterprise should look for breached credentials proactively in external password dumps, and ask employees to update the password whose credentials got breached.
Passwords on VVIPs like CXO level executives, board members, etc should be taken a special care of. These VVIPs are not only the employees but the brand which represents the company overall.
They will be using their corporate accounts while travelling so make sure that their mobile has secured access of the corporate accounts.
Enterprise can use past employees leaked credentials and map it with the behaviour of them. This can help them to create a model which can be useful to stop such leaked credentials incidents in future.
Enterprises should have a emergency password reset procedure to make sure of reduction in further damage in case of leaked credentials. This emergency password reset system should be able to reset the account details from every critical system user has access of.
Enterprises are outsourcing a lot of functions to 3rd parties. And these 3rd parties/partners are being the integral part of the business these days with a lot of information being shared with them.
There are good chances of data being leaked from partners end. So, it is critical for organisations to have a look into the security postures of their partners, and help them to improve their security if needed.