The ongoing problem of account hijacking
Account Hijacking continues to be an ongoing problem for organisations endeavoring to lock down their networks. If user credentials are either stolen or guessed, hackers are able to gain immediate access to the network. And once they are inside, you’re exposed to data theft, ransom or even extortion. The frightening part can be, not knowing what they’ve accessed or stolen.
Last month, Google published important findings on a recent study they conducted into the root cause of account hijacking and the tools used by hackers to steal credentials. Google found “that phishing posed the greatest threat (to elicit credentials), followed by keyloggers, and finally third-party breaches.”
Google also noted they’re seeing “increasingly sophisticated attackers also try to collect sensitive data that we may request when verifying an account holder’s identity”. Hackers are trying to steal personal information such as phone numbers, home addresses and birth dates. The research suggests that even multi-factor authentication alone may not be enough to protect an organisation from account hijacking.
In response to ongoing login threats and market demand, Tesserent recently developed and launched Portal Defence.
Portal Defence sits between the internet and your web portal, and allows you to tailor the level of security based on the user credentials, sensitivity of data being accessed and physical location.
Even before someone tries to login to your company network, Portal Defence is protecting your web portal. Geo blocking rules prevent traffic from named foreign states, unrelated to your business dealings. And brute force attacks are prevented with login limit rules. By employing multi-factor authentication and a range of website security hardening techniques, Portal Defence can ensure only authorised users are able to access your important data.
Importantly, we approached the challenge of securing web portal access in a holistic way for businesses. We wanted to make Portal Defence easy to install, without requiring any internal redevelopment of web applications or IT systems. And for users, the authentication process needed to be simple, not lengthy or cumbersome.
For a full breakdown of how Tesserent can protect your web portal, watch the short video below, or visit the Portal Defence page on our website.