MSPToday Editor and writer extraordinaire Greg Tavarez has penned many informative articles on cybersecurity for businesses; particularly regarding passwords and multi-factor authentication (MFA) best practices. (And, unfortunately, how hackers and other bad actors attempt to circumvent securities to further their own malicious gains.) As Tavarez has pointed out, these are real, ongoing problems in need of quick-to-address solutions.
Oort, a provider of identity-centric enterprise security (i.e. via smart remediation actions and a full suite of reliable and comprehensive identity threat detection, response, and prevention tools) recently released the findings of its State of Identity Security Report, available in full here. A thorough analysis that references data from more than 500,000 identities, Oort’s research takes a close look at the challenges organizations face with regard to securing their identity attack surface. The most common Identity and Access Management (IAM) hygiene challenges leaving organizations at risk, in addition to the most commonly used techniques attackers take advantage of, are all detailed therein.
Though not limited to these alone, Oort’s important takeaways include:
- 40.26% of accounts in an average enterprise are either using weak second factors, or none at all. This leaves them highly vulnerable to phishing, social engineering, etc.
- Phishing-resistant second factors were only, unfortunately, used in 1.82% of all logins. This lack of strong MFA adoption implies that more account attacks and takeovers, issues with regulatory compliances, and more are on the horizon for those not securing appropriately.
- 24.15% of accounts in an average enterprise are reportedly dormant, i.e. some of the lowest-hanging fruit for eager attackers. Oort emphasizes the cleanup of old accounts (and the double and triple checks necessary for admin accounts, in particular).
- 79.87% of application accounts go unused every month, highlighting that users may have access to too many applications and sensitive data. Reining in the right permissions is key; unnecessary access can lead to excessive licensing and disturbances to data. Reducing user access and honing how visibility is granted can really help.
Overall, Oort’s research impresses how vital it is for enterprises to tighten visibility in order to decrease their attack surface, as well as the necessities of enforcing proper MFA and ensuring that IAM hygiene is not left poor, thus leaving accounts and more at risk.
“The vast majority of successful breaches in the past year were the result of account takeover, or ATO,” said Matt Caulfield, Oort’s founder and CEO. “The research illustrates just how easy enterprises are making it for attackers to target their identities and launch successful ATO attacks.”
“Organizations can easily decrease these risks,” Caulfield continued, “by prioritizing identity security, understanding their attack surface, tapping into IAM hygiene issue visibility, and setting up MFA compliance. You have to stay laser-focused in order to secure identities and stop account takeover.”
Edited by Greg Tavarez