The growing reliance on cloud services has caused a big increase in breached cloud accounts. Stolen login credentials are a hot commodity on the Dark Web. There’s a price for every type of account, from online banking to social media. For example, hacked social media accounts go for between $30 and $80 each. Compromised login credentials are now the #1 cause of data breaches globally, according to IBM Security’s latest Cost of a Data Breach Report.
Having either a personal or business cloud account compromised can be very costly. It can lead to a ransomware infection, compliance breach, identity theft, and more.
To make matters more challenging, users are still adopting bad password habits that make it all too easy for criminals. For example:
- 34% of people admit to sharing passwords with colleagues
- 44% of people reuse passwords across work and personal accounts
- 49% of people store passwords in unprotected plain text documents
Cloud accounts are more at risk of a breach than ever, but there are several things you can do to reduce the chance of having your online accounts compromised.
Always use multi-factor authentication to protect against breach
Multi-factor authentication (MFA) is the best method there is to protect cloud accounts. While not a fail-safe, it is proven to prevent approximately 99.9% of fraudulent sign-in attempts, according to a study cited by Microsoft.
When you add a second requirement to a login, which is generally to input a code that is sent to your phone, you significantly increase account security. In most cases, a hacker is not going to have access to your phone or another device that receives the MFA code, so they won’t be able to get past this step. Microsoft, Google, and other big tech companies are also integrating new passwordless authentication methods that use an app and your phone’s Face ID to validate your identity.
The brief inconvenience of using an additional step when you log into your accounts is more than worth it for the significant bump in security.
Use a secure password manager
One way that criminals easily get their hands on user passwords is when users store them in unsecured ways. Many organizations keep them in an unprotected Word or Excel document, or in the contacts application on a PC or phone.
Using a password manager provides you with a convenient place to store all your passwords that is also encrypted and secured. Plus, you only need to remember one strong master password to access all the others.
Password managers can also autofill all your passwords in many different types of browsers, making it a convenient way to access your passwords securely across devices.
All of our Hermetic Networks Managed Services plans include password managers for critical users. We take the time to integrate the system into our clients’ unique workflows, train users on how to secure and share their data, and even help move information into it.
Understand how a breach would happen and adjust your privacy settings
Have you taken time to look at the security settings in your cloud tools? One of the common causes of cloud account breaches is misconfiguration. This is when security settings are not properly set to protect an account.
You don’t want to leave SaaS security settings at defaults, as these may not be protective enough. Review and adjust cloud application security settings to ensure your account is properly safeguarded. Here at Hermetic, we always make sure our clients understand the implications of the security settings applied to their critical systems – online or offline.
Monitor your leaked passwords in a password manager
You can have impeccable password security on your end, yet still have your passwords compromised. This can happen when a retailer or cloud service you use has its master database of usernames and passwords exposed and the data stolen.
When this happens, those leaked passwords can quickly end up for sale on the Dark Web without you even knowing it.
Because this problem is so prevalent, we set our clients up with Keeper Security for password management. It includes a system they call “BreachWatch” that monitors for leaked passwords and notifies both the client and our technicians when one is found.
Browsers like Chrome and Edge have had leaked password alert capabilities added as well, though we don’t recommend saving critical passwords into browsers.
Services like Keeper Security BreachWatch can help you know as soon as possible about a leaked password, so you can change it.
Don’t enter passwords on public Wi-Fi
Whenever you’re on public Wi-Fi, you should assume that your traffic is being monitored. Hackers like to hang out on public hot spots in airports, restaurants, coffee shops, and other places so they can gather sensitive data.
Don’t enter a password, credit card number, or other sensitive information when you are connected to public Wi-Fi. Either switch off Wi-Fi and use your phone’s wireless carrier connection or use a virtual private network (VPN) app.
Use good device security policies and monitor for breaches
If an attacker manages to breach your device using malware, they can often breach your accounts without needing a password. Just think about how many apps on your devices you can open and already be logged in to.
To prevent an online account breach that happens through one of your devices, make sure you have strong device security. Best practices include:
- Up-to-date software and OS
- Phishing protection (like email filtering and DNS filtering)
- Safe Attachments and Safe Links from Microsoft 365
Looking for good password and online account security solutions?
Don’t leave your online accounts at risk. We can help you review your current cloud account security and provide helpful recommendations. Get in touch today to schedule a review with one of our security engineers.