Have you been exposed to the dark web?
With WatchGuard Technologies’ new dark web Scanning tool, businesses can simply enter their domain name into this search engine https://www.watchguard.com/wgrd-resource-center/dark-web-scan to find out how many of their email accounts have been exposed in public data breaches and then request a free report.
This sensitive information often ends up for sale on the black market, compromising the security of businesses and their employees. According to the 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses report from the Ponemon Institute, 63% of businesses reported an incident involving the loss of sensitive information about customers and employees in the previous year.
The dark web is a collection of anonymous websites that are publicly available yet hide their IP (Internet Protocol) addresses to make it impossible for users to identify and track the host. It is very common that personal information, including email accounts, passwords and credit card details obtained through data breaches end up becoming available illicitly for sale on the dark web.
WatchGuard provides a list of actions to take if company credentials have been exposed on the dark web. This includes:
- Reset passwords company-wide
- Check for additional threats by conducting a security audit to identify vulnerabilities that may have occurred due to a data breach or dark web threat
- Promote user awareness activities to remind employees of secure practices when it comes to accessing company platforms and information and to keep work and personal passwords separate
- Turn on multi-factor authentication (MFA) to protect employee company credentials along with access to network and cloud-based applications
“A massive portion of data breaches involve lost or stolen credentials,” said Alex Cagnoni, director of Authentication at WatchGuard. “With MFA, even if cyber criminals obtain login credentials, they still can’t use them to gain network or cloud access. With an increasing number of people working from home, using MFA — from how they login to their local computer, to how they access your cloud apps — will protect your organisation far more than many other defence controls.”
Many small and medium-sized businesses have been put off MFA by the perceived cost, but WatchGuard’s AuthPoint solution overcomes this by eliminating the complex integration processes, significant up-front expenses and burdensome, on-premises management. The cloud-based service can be deployed and managed from any location without the need for expensive hardware components and uses the AuthPoint app to facilitate user authentication by sending one-time passcodes to a user’s mobile device.