We have a valid account problem on our hands and most of us don’t even know it. For starters, you may be wondering what is a valid account and if it is valid, why is it a problem. These are both great questions. Let’s answer the second question first. CISA recently reported valid accounts were used 54% of the time in successful attempts at unauthorized initial access attacks. Cybercriminals are gaining initial access to our networks through legitimate means using legitimate user passwords.
Now let’s answer that first question. A valid account can mean a few different things, but they usually have one common factor. They are active accounts. These accounts are your user accounts, system admin accounts, system integration accounts, and so on. Any account that is active and that can be accessed would be a valid account.
What you can do
Let’s deactivate all accounts, go home, and never worry about falling victim to a cyberattack again. Oh, that isn’t an option? Well darn, let’s look at real solutions then. Managing accounts is a crucial part of cybersecurity and often a forgotten part of it. Our accounts though are the front door to our data so we need to do a better job protecting them.
As always it is important to use strong passwords. This means they need to be complex, long (think 16 characters or more), and most importantly never reused.
When possible, enable mutlifactor authentication (sometimes called two factor) especially on your most important accounts. This is one of the best ways to prevent unauthorized access.
You should regularly audit your active accounts and ensure they still need to be active and verify if they still need the same level of access.
Whenever an employee leaves it is critical to deactivate that account in a timely manner. When an employee changes positions, it is equally important to adjust their access accordingly.
When creating accounts, only provide the level of access that is required for the role of that account. This means, not every account needs admin access to every file or the ability to install software on every device. You need to place restrictions.
To learn more about protecting your small business from the valid account problem or to learn about more cybersecurity small business trends and topics visit Small Business, Big Threat.