On the Dark Web stolen login credentials are a hot commodity. But this precious information always has a price. The cost of a hacked social media account may go for anywhere between $30 to $80 per account.
As we’ve grown to rely on cloud services, there has been a parallel increase in breached cloud accounts. Unsurprisingly compromised login credentials hold the number one spot for being the greatest cause of data breaches globally, according to IBM Security’s latest Cost of a Data Breach Report.
Having a business of personal cloud account hacked can be expensive. In turn this may lead to a compliance breach, identity theft, or a ransomware infection. Combating breaches can be difficult due to overwhelmingly common poor password habits, such as the following:
- 34% of people admit to sharing passwords with colleagues
- 44% of people reuse passwords across work and personal accounts
- 49% of people store passwords in unprotected plain text documents
Now risk of cloud account breaches are at an all-time high. Here are a few preventative tasks SimplicIT recommends to protect your personal and business accounts.
Use Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) is the best method there is to protect cloud accounts. While it shouldn’t be viewed as a failsafe, it is proven to prevent approximately 99.9% of fraudulent sign-in attempts, according to a study cited by Microsoft.
Most of the time MFA requires a code sent to your phone to be verified. Adding this second requirement to login greatly increases your account security. It’s likely a hacker doesn’t have access to your phone or any other device that may receive a MFA code. This small inconvenience may make all the difference in protecting your accounts.
Use a Password Manager for Secure Storage
Having passwords stored in an unsecure way can create an easy access for online criminals. Some of the most common forms of insecure storage include word or excel documents accessible to PC and mobile devices.
A better alternative is a password manager. This is not only convenient for storage, but it is also encrypted and secured. Users only must remember one strong master password. This enables them to access all the other passwords they need.
Many password managers also have autofill features available for several browser types. This feature makes password accessibility even more convenient than many unsecure storage options.
Review/Adjust Privacy & Security Settings
Have you taken the time to look at the security settings in your cloud tools? One of the common causes of cloud account breaches is misconfiguration. This is when security settings are not properly set to protect an account.
Leaving your SaaS security settings at their default settings can be a mistake. These predetermined settings do not provide enough protection. Review and adjust cloud application security settings to ensure your account is properly safeguarded.
Use Leaked Password Alerts in Your Browser
Even with strenuous password security precautions you may still have your passwords compromised. This can happen when a retailer or cloud service you use has their master database of usernames and passwords exposed and the data stolen. Unfortunately, these passwords can end up on the dark web for sale, and you may never know when this happens.
Due to this being such a prevalent problem, browsers like Chrome and Edge have had leaked password alert capabilities added. Any passwords that you save in the browser will be monitored, and if found to be leaked, you’ll see an alert when you use it.
Look for this in the password area of your browser, as you may have to enable it. This can help you know as soon as possible about a leaked password, so you can change it.
Don’t Enter Passwords When on a Public Wi-Fi
Although not everyone is out to gather your sensitive data, you should assume so when using public Wi-Fi. Hackers like to hang out on public hot spots in airports, restaurants, coffee shops, and other places so they can gather sensitive data, such as login passwords.
When connected to public Wi-Fi, you should never enter a password, credit card number, or other sensitive. Instead, you should either switch off Wi-Fi and use your phone’s wireless carrier connection or use a virtual private network (VPN) app, which encrypts the connection.
Use Good Device Security
When a device is breached using malware, this often gives hackers unsecured access. This means they may have access to all the apps on your phone that you are already logged into.
To prevent an online account breach from happening through one of your devices, make sure you have strong device security. Some best practices include:
- Up-to-date software and OS
- Phishing protection (such as email filtering and DNS filtering)
Looking for Password & Cloud Account Security Solutions?
Don’t leave your online accounts at risk. SimplicIT can help you review your current cloud account security and provide helpful recommendations. Interested in improving your account security? Contact us and we’ll have you’re accounts secured in no time.