Are your credentials being compromised?

How many of your user’s credentials are being compromised?

Email addresses and details of your organization’s members are easier to find than you may think.  A simple Google search can reveal a fair amount of information; now imagine what a sophisticated hacker can snag.

Before we dive into how to make it more difficult for this info to be found, let’s first properly define what a ‘user’s credentials’ are; simply put, they refer to the verification of a person’s identity or tools for their identification. Examples being an email, username and/or password.

Likely, the first thing someone does when they get to work each day is log-in to their workstation using those credentials. Those bits of information are what allow them to access your organization’s network – and depending on their level within the company, they may be privy to some very sensitive data, such as payroll, account numbers, employee files and so on.

Now imagine what would happen if the bad guy somehow got his, or her, hands of those credentials.

But how, you may ask?

The most common ways are through phishing emails, forms of social engineering or ransomware attacks.

The bad guys are very good at deceiving and convincing their victims into handing over sensitive information. Such as sending a seemingly innocent email from a normally trusted source asking someone to click on a link to view their account, or track a shipment is just one way they can dupe someone, and they may only realize it once it is too late. Clicking that link, or downloading that attachment could allow ransomware into your network, or to track keystrokes on a computer.

So how do you keep the hackers at bay and keep your network secure?

There are several actions you can take, here are just a few:

Be aware of password best practices.

Make sure the people in your organization know how to identify potential threats.

Arm yourself with knowledge.

Figure out where to begin.

Consider a risk assessment.

Taking one or all the above actions, is better than taking none. After all, it’s no longer a matter of if something will happen but unfortunately, when.

If you would like to speak to someone about your organization and it’s needs, we would be happy to help.  Contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.

Posted by Jack Gerbs