How You Can Eliminate Credential Theft

October 14th, 2015   |     |  security & compliance

Cloud adoption is revolutionizing the way organizations conduct business. The cloud makes thousands of enterprise applications available to businesses of all sizes, mostly tailored to the specific needs of each line of business. And employees can now access business information from any location, from multiple devices, at any time. Users have the power to be collaborative and productive in more ways with more convenience than ever before. But with all of the benefits of cloud and software-as-a-service (SaaS), there comes some risk that should be managed.

A recent analysis revealed that the average employee utilizes 28 distinct work applicationss. Each of these apps has its own set of user information, often with its own login requirements, typically a unique set of credentials, i.e. username and password. Although these credentials are an important part of keeping business information secure, they also represent weak points in every business’ information security. Every user password represents that final check before granting access to a business’ information. It also introduces a potential point of access for unapproved users inclined to pry their way into information systems. That’s almost 30 vulnerable points of access for each employee.

Now multiply that by however many employees are in your business and you’re looking at a very serious security problem. 500 employees using 30 apps each means 15,000 vulnerable points where malicious parties could exploit this basic security screen to steal or manipulate precious business information. Not to mention that the average cost of a business data breach in 2015 was $3.8 million. Having that many weak points is a risk that businesses simply cannot afford.

Luckily, cloud security technology continues to adapt in order to minimize these types of security challenges. OneLogin reduces the risk associated with credential theft by eliminating password requirements for SaaS applications supporting SAML (security assertion markup language). OneLogin, as an Identity Provider, enables Single Sign-On (SSO) capabilities that allow users to apply a single username and password, and access all of their apps. This solution brings the risk of credential theft to an all time low, as there is only one set of credentials per user. And with only one set of credentials to remember, employees won’t be tempted to write down or store their login information somewhere that a malicious third party can get their hands on it.

Talk to your cloud vendor about what they are doing to eliminate passwords and strengthen authentication. If they aren’t utilizing single sign-on to minimize security risk, they should be.

Want to hear more about the latest best practice learnings? Sign up for our upcoming webinar series where you’ll have the opportunity to interact with our product experts. Make sure you register to receive the on-demand recordings and slides after the sessions, as well as the eBook that will follow the events.

About the Author

Jack Shepherd joined the OneLogin team in Summer of 2015, and is now the Content Marketing Lead at OneLogin. Jack specializes in producing thought leadership pieces around the latest cloud technologies, cybersecurity, and the evolving role of unified access management.

View all posts by Jack Shepherd

Secure All Your Apps, Users, and Devices