It’s now been 45 days since eBay requested its users change their passwords, following a massive data breach that compromised the records of 150M of its users. eBay's own investigation revealed that the hackers gained access through poorly protected employee logins; a security weakness that was easily avoidable. According to the Ponemon institutes 2014 Cost of Data Breach study, the average cost of a data breach was $3.5 million last year. eBay reports official earnings next week, but pundits are already speculating about the negative financial impact of this hack.
With your brand and bottom line at stake, it's clear that companies need to take steps to secure their organization from an attack like this. Not sure where to start? Here are four ways that companies can improve security.
1. Centralize Application Management
SaaS proliferation means too many credentials and users to manage for IT and leads to security vulnerabilites. Companies need one place to manage users, passwords, and access for the apps their employees use.
2. End Password Fatigue: Single Sign-On to the Rescue
Utilizing Single Sign-on technology makes it easy for employees to use stronger passwords and adopt better password behavior. It reduces the number of passwords in circulation and eliminates the need for employees to remember difficult passwords.
3. Ensure Password Diversity
How many of your employees use the same password for multiple apps? If this data isn't easily accessible for IT administrators, then how can they identify at risk users and take immediate action.
4. Secure Employee Personal Accounts
Hackers target employees' personal accounts because they know many use the same password for their personal and corporate accounts. Enabling your employees to use single sign-on for their personal apps makes it harder for hackers to leverage your employee's personal accounts against your company.