BR +55 11 3069 3925 | USA +1 469 620 7643

Risk associated with the lack of protection in Cloud access

by | Mar 12, 2021 | BLOG

We are already in the month of May, and you know what we celebrate on the first Thursday of this month, rigtht? That’s correct, it is World Password Day. Celebrated since 2013, this day reminds us of adequate cyber awareness and the importance of password protection in all environments, whether professional or personal. It is not for nothing that passwords are called digital identities.

Our life has been linked more and more to the online world. Not only in relation to work, but also to learning, fun – our and our children’s, even physical activity, and much has been accomplished in digital environments, especially considering the covid-19 pandemic. And in these new times, when a large number of people perform activities remotely from devices without the proper cyber protection mechanisms, it is important to redouble the care with passwords and other sensitive data. Thus, we explain the importance of passwords and their adequate protection for users and organizations in this article.

The combination of user and password has been used as a basic defense mechanism for computer systems since the beginning of their implementation, preventing unauthorized access to data stored on systems and devices. Despite the creation of authentication mechanisms without a password, such as biometrics or one-time passwords (OTP), the combination of user and password is still widely used to access systems and devices. This is because such combination is easy and inexpensive to implement.

In a digital transformation scenario, the multiplication of systems, devices, and their respective credentials is a perfect scenario for malicious attackers to collect passwords and, thus, access data improperly. After all, remembering a password is much easier than the dozens (or even hundreds) of services that require some kind of authentication. It is estimated that the number of passwords per user is between 70 and 100.

Are you enjoying this post? Join our Newsletter!

13 + 3 =

We will send newsletters and promotional emails. By entering my data, I agree to the Privacy Policy and the Terms of Use.

 

According to Cybersecurity Ventures, the world ended 2020 with 300 billion passwords to protect. And the trend shows this number will increase dramatically. Email accounts (personal and professional), banking services, corporate systems, devices, and applications are some examples that require authentication through passwords. And with the increase in the number of data leaks, it is easy to find compromised credentials on forums on the dark web being sold for pennies.

And yes, we know that it is not easy to manage so many passwords. Even the most tech-savvy can struggle to manage and protect credentials in so many different environments. In times of personal data protection legislation, such as LGPD and GDPR, ensuring the protection of such data has become more than a security requirement – it is a business must.

Despite all the risks associated with their use, many users and companies use passwords that are easy to guess, such as numbers or sequential letters (123456 or abcdef). SolarWinds itself, the victim of a serious attack on its supply chain, was using the password solarwinds123 in its infrastructure. Certainly, your email password or mine is stronger than the one used by this American technology company.

So, on this World Password Day, here are some tips that should be considered by users to keep their data protected:

  1. Use long and complex passwords. This prevents hackers from using techniques to guess them. However, just using complex passwords may not be enough to protect them from hackers.
  2. Many devices are configured with default passwords. Change them immediately.
  3. Avoid reusing your passwords on different accounts. Also, constantly check if you have already been the victim of a data leak through senhasegura Hunter. If so, change your passwords immediately.
  4. Configure your passwords to be changed frequently. The ideal is at least every 3 months.
  5. Do not write down, store in an easily accessible place, or share your passwords with others, thus avoiding unauthorized access.
  6. Consider password management solutions, or even privileged access management (PAM), to manage the use of systems and devices.
  7. Use Multiple-Factor Authentication (MFA) mechanisms to add a layer of security to your accounts.
  8. Set up means of retrieving access, such as including phone numbers or emails.

Passwords are one of the oldest security mechanisms in the computing world and are also one of the main attackvectors by hackers. And in the “new normal” era, with increasing threats resulting from the covid-19 pandemic, it is vital that users be alert and properly protect their digital identities. In this way, we can avoid cyberattacks that can cause considerable damage not only to people, but also to companies. And on this World Password Day, remember: security starts with you!

Building Digital Manufacturing Through PAM

With the evolution of technology, manufacturing sectors are increasingly digitalized through solutions that optimize the processes carried out in these environments, reducing costs, eliminating human failures, and generating more productivity.  Among the technologies...

Just-In-Time Privileged Access: Understand this Subject

In this article, we present the concept of just-in-time privileged access, its benefits, and mode of operation, among other extremely important information on the subject. To facilitate your reading, we divided our text into topics. They are: What Is Just-In-Time...

What Can I Do to Decrease Cyber Insurance Amounts?

When it comes to information security, the risks to organizations are increasing by several factors. As an example, we can mention the increase in the number of cyberattacks, especially after the Covid-19 pandemic, which accelerated the mass adoption of remote work,...

What are the actions performed during a privileged access

Nowadays, cyber-attacks have become increasingly common and hit more and more companies, of all verticals and sizes. According to the SonicWall 2022 Cyber ​​Threat report, the number of cyberattacks involving data encryption increased by 167% in 2021, reaching 10.4...

Achieving Sarbanes-Oxley (SOX) Compliance Using Cybersecurity Controls

The Sarbanes-Oxley Act (SOX) is primarily associated with business transparency and the use of accounting and financial controls to protect investors from fraudulent financial reporting. However, it is always important to remember the ever-increasing pivotal role...
Copy link