Research, news and updates on threats and cybersecurity
Employee password hardening: Do not just mitigate bad passwords. Eliminate weak and compromised passwords. Threats to password-based authentication can overwhelm organizations. Because passwords are still the most common way for users to access their account, they invite abuses from bad actors. It is made worse by the security negligence of employees. But hardening employee passwords can be difficult without introducing significant …
Use Safe Passwords, Avoid Public Wifi and Other Tips for Safe Shopping on Cyber Monday, Dec 2nd, 2019 According to Deloitte’s Annual Holiday Survey of Consumers, shoppers of all age groups are more likely to shop on Cyber Monday than on Black Friday. Given the ubiquitous nature of retail apps and social shopping opportunities, it’s easy to see why people …
Disney+ Launch: A whole new world of excellent content, the same password reuse problem Consumers and critics alike have long clamored for the Disney+ streaming service, however, its recent launch has once again exposed the risks with password reuse. Even a mega-brand like Disney has password risks. An investigation found that less than 48 hours after launch, thousands of exposed …
The Authentication Situation. How Can Companies Evaluate Risk without Impacting the User Experience? According to Riskified, losses from account takeover increased 122% from 2016 to 2017 and grew by 164% in 2018. This percentage is expected to be even higher by the end of 2019. In this environment, it is critical that companies find a way to secure credentials. At …
What Can Professional Services Firms Do to Protect Themselves from Cybersecurity Threats? Cybercriminals are frequently targeting mid-sized, service-based businesses such as law firms, accounting firms, and financial services firms at unprecedented rates. While the news is full of stories of high-profile data breaches affecting the likes of Facebook, Google, Marriott, MyFitnessPal, and other prominent companies; this focus on large companies …
Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password guidelines to screen for weak, commonly-used, expected, and compromised passwords. Then they …
Americans are growing increasingly comfortable with biometrics as a means of confirming their identity, with a recent survey finding 81% of respondents would be receptive to using biometrics in airports. Many consumers are already relying on biometric authentication to log into various online accounts, and companies are taking steps to incorporate biometric capabilities into more devices and systems. As a …
Reasons Why NIST Password Requirements Should Drive Your Password Strategy in 2020 Despite the doubters claiming that passwords will go the way of overhead projectors, they are still prevalent. They are still the back-up factor for most other authentication solutions and show no sign of extinction because every organization has a password-supported infrastructure in place. Fortunately, NIST has invested time …
Now Is Time To Contribute Your Feedback on the NIST Privacy Framework The National Institute of Standards and Technology (NIST) has recently released the preliminary draft of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management. NIST is a non-regulatory agency and science lab that aims to promote innovation by advancing measurement science. In this …
Enzoic was selected to be a “Top 10 Most Valuable Cybersecurity Solution Provider in 2019” because of the innovative cybersecurity and fraud prevention products. Enzoic, formerly PasswordPing, provides low user-friction solutions for strong authentication against compromised credential attacks affecting employees, users, and customers. There are two core solutions: Enzoic for Active Directory Enzoic Account Takeover Protection Enzoic for Active Directory: …
