Lost And Stolen Credentials Still To Blame For Most Hacks

Cyber threats are coming at companies from everywhere, but one of the most prevalent is lost or stolen credentials. Last year it was blamed for more than 80 percent of data breaches and over the years were behind some of the nation’s largest hacks. And it's not going away any time soon. With companies moving data and operations to the cloud, it's creating increased authentication risks for enterprises.

Become a Subscriber

Please purchase a subscription to continue reading this article.

Subscribe Now

“When we look at incidents that have made the news, whether it’s Target, The U.S. Office of Personnel Management, or the DNC in 2016, there’s one common thread: most of these incidents weren’t perpetrated using some sophisticated hack. Someone was careless,” said Yassir Abousselham, Chief Security Officer at Okta, the San Francisco identity management software company. “Attackers don’t break in – they log in. That continues to be the case and is the main reason why identity and access management is the first line of defense, and perhaps, the most important line of defense.”

Identity as a Service platforms are gaining steam as companies look for ways to better control and confirm who is accessing their applications over the cloud. Recognizing the return on the investment from moving to the cloud, businesses are increasingly putting critical business systems and data online. That makes it easier for employees to work anywhere without the need to access the corporate network. But that added convenience also creates the risk that hackers can get in via an employee’s credentials. It also means more work for IT staff who have to deal with forgotten passwords. IDaaS platforms take some of that risk out of that by ensuring users are who they claim to be and by providing access to applications, files and other resources at the right times. They also promise faster logons and less password resets and the ability for companies to better control overall identity management within the organization. “Whether a user is signing in from open WiFi at an airport or from a desk in the office, the process is seamless and secure,” said Abousselham. “With the number of attacks and breaches increasing, the improved security from implementing IDaaS can keep companies from facing a breach that might topple their business.”

IDaaS Takes The Complexity Out Of Logons

Okta and others like it aren’t only creating a safer cloud environment for enterprises, they are at the forefront of supporting innovators in all sorts of industries that recognize they have to embrace the Internet to survive and thrive. Abousselham pointed to airlines that have moved loyalty programs to the cloud and brick and mortar retailers that are relying more heavily on eCommerce as two examples of how traditional companies are taking on more tech projects. They are among the types of enterprises that need help managing all their disparate logins. Before IDaaS platforms, identity and access management was fragmented with each new tech project creating one or more new identities. But with platforms like Okta’s companies get a bevy of advanced identity management tools including single-sign on, adaptive multi factor authentication and automated decision making to mitigate risk and lifecycle management, which automates the control of user identity from creation to deletion. “IDaaS is the now and the future for IT leaders. Apps that once suffered from low adoption are now generating new business, and systems that were once security liabilities now function as the first line of defense against intrusions and breaches,” said Abousselham. “IDaaS lowers the total cost of ownership, boosts security and provides a superior user experience across an enterprise and its ecosystem of customers and partners.”