Happy November, readers. We hope you had a boo-tiful Halloween. We sure did, and so did our customers. Our best costume award went to our beloved customer Evernote, who dressed up as us (OneLogin) for the holiday!
Proof that we love our customers and they love us.
It was a busy week for us here at OneLogin and we made some headlines including being featured in Forbes, SC Magazine and TEISS commenting on the Network Solutions security breach. Our VP of Solutions Engineering, Stuart Sharp, offered these wise words:
“Forcing users to reset their passwords is fine, but how will it prevent the same breach from happening again,” says Stuart Sharp, vice-president of solution engineering at OneLogin, who continues, “organizations need to implement solutions like multi-factor authentication (MFA) as a method of protecting their users and their data.”
He went on to say:
“The scariest takeaway from this discovery is that many companies will never know their cloud services have been compromised. It’s only when secret information comes to light in a public domain, or attackers attempt invoice payment redirection that the account compromise becomes obvious.”
“Unless MFA is in place, once login credentials are compromised, attackers can access highly sensitive company information. Organisations need to constantly audit cloud services and control access and protect authentication and authorisation using a combination of Privileged Access Management and MFA,” he added.
In other news at OneLogin, we welcomed a new Chief Marketing Officer this week. Dayna Rothman is an award-winning marketer, lecturer, and author. We couldn’t be happier and can’t wait to make marketing magic under Dayna’s leadership.
Now without further ado, here’s your Weekly News Roundup. See you next week!
The 32 Passwords You Really Shouldn’t Use Unless You Want To Get Hacked
Security researchers have trawled the Dark Web, those forums, chat channels, social networks, and websites that are hidden from regular web browsers, where stolen credentials are traded between cybercriminals. More than 21 million credentials belonging to Fortune 500 companies were found by the ImmuniWeb researchers; 95% of these included plaintext passwords that were either cracked by the attackers or stored unencrypted in the first place. An analysis of those nearly 20 million passwords revealed that only 4.9 million were unique. Of the remainder, some were far more commonly used than others. Read more in Forbes.
A True Password-Less Future? Yes. Soon? Quite Unlikely
Neither the current consumer identity framework (government-issued physical ID) nor the Internet was built for the challenge of identifying people digitally and virtually across the globe. There is promising work being done within the Sovrin Alliance, and within organizations such as Mastercard. Consumers and organizations need a broadly available solution to verify consumer identity before retiring authentication systems that rely on username and password. Read more in Security Boulevard.
Research finds 2019 increase in breaches and cybersecurity spending
A new Ponemon Institute survey of nearly 3,000 security professionals in nine countries found steep increases in cybersecurity spending yet corresponding rises in the number and scale of attacks. Read more in TechRepublic.
How A Password Manager Can Keep You Safe
As hackers become more adept at stealing personal information, we end up locking our loved ones (and even ourselves) out of our online accounts and digital devices. Read more in Forbes.