OneLogin Weekly News Round-up: September 20, 2019

September 20th, 2019   |     |  culture and news, security & compliance

It’s Friday September 20, 2019 and we’re excited to wrap another busy week. Just yesterday, we announced the availability of exciting new features included in our Summer ‘19 Release. If you follow our Weekly News Round-up, by now you’re versed in many of the most common cybersecurity risks. Each week we share stories of password attacks, data breaches, and—for the optimists—strategies that organizations can deploy to mitigate risk in an always-evolving cybersecurity landscape.

Our Summer ‘19 release builds on the latter by delivering several new features that balance security with usability. These features help organizations ensure that end-users meet strong password criteria, as well as, provide strong and intelligent secondary authentication capabilities, and device security for laptops within the corporate network. They include:

  • Vigilance AI
  • SmartFactor Authentication
  • Adaptive Login Flows
  • Compromised Credential Check / Password Blacklist
  • Risk-Aware Access

You can learn more about each of these new features in our Summer ‘19 Release blog. End plug—now, on to this week’s news!

You Heard it From a Hacker
This is a message from an inmate in a federal corrections facility: stop reusing passwords. If you don’t take it from us, at least take it from the guy doing 17 months in a federal work camp for hacking the likes of Disqus, Kickstarter, and Imgur. In his own words: The reuse of login credentials in my opinion is the greatest security flaw that we have today. Told you! He also recommends enabling multi-factor authentication (double told you!). We’d also recommend deploying a solution like Compromised Credential Check to prevent employees or customers from using common or insecure password schemes that are easily compromised. Read more on Naked Security

WeWork on Unsecured WiFi Networks
We’ve previously written about the perils of working on open WiFi networks at hotels and cafes. When it comes to co-working spaces like WeWork, you might assume the network is secure. Think again! WiFi scans of a WeWork network revealed financial records, business transactions, client databases, and emails from various companies using the network. Many of WeWork’s New York and California locations reuse the same WiFi password, which exacerbates the issue altogether. Read more on CNET

What Happens When a Nation’s PII is Exposed?
The scale of data breaches is growing, but the impact of a breach at a Miami, Fl database is unprecedented. The data found in an unsecured database, exposed the personally identifiable information of more than 20 million people, most of whom are Ecuadorian nationals. Ecuador is home to 17.4 million people. You do the math. Read more on the Verdict

Educating the Next Generation of Cybersecurity Professionals
Totally unrelated to the data exposure of Ecuadorian nationals, an Irish university is offering a program to prepare the next generation of cybersecurity professionals. The program is designed to meet a demand gap among small businesses by equipping students with an understanding of data privacy laws like GDPR, how to think like a hacker, and apply technical solutions to safeguard systems from attack. Read more on the Irish Examiner

New Jersey Updates Data Breach Law
On September 1, 2019, New Jersey’s Data Breach Notification law took effect, requiring businesses to notify users if their personally identifiable information (PII) is exposed in a data breach. Under New Jersey law, PII includes a user’s email address, username, password, and or security questions and answers. Read more on Security Boulevard

About the Author

Tony Smith is a Marketing Communications Manager at OneLogin. He is passionate about developing blog and social media content that helps customers identify and find solutions to their identity and access management challenges.

View all posts by Tony Smith

About the Author

Tony Smith is a Marketing Communications Manager at OneLogin. He is passionate about developing blog and social media content that helps customers identify and find solutions to their identity and access management challenges.

View all posts by Tony Smith

Secure all your apps, users, and devices