pipeline

Lessons from the Colonial Pipeline Breach

One of the largest, most economically devastating ransomware attacks occurred less than a month ago, and details of the attack are starting to become clearer. So what was the catalyst for this attack? It was as simple as a compromised password. As initially reported by Bloomberg, DarkSide was able to breach Colonial Pipeline and inject ransomware, crippling their infrastructure and …

dictionary

Blocking Basic Dictionary Words is not Enough

For many organizations, password security comes down to simply implementing blocks on basic dictionary words from being used in the creation of a user’s password. This is not an effective way to secure passwords and may in fact make the creation of a secure password more difficult. There are many ways to improve password security that go beyond blocking dictionary …

cybersecurity tips

Top Five Digital Tips for Thriving in the New Normal

Reports, op-eds, and documentaries point out that many 2020 pandemic-prompted changes are likely here to stay. From contactless takeout food delivery to the widespread adoption of virtual meetings, the disruption of COVID caused many technological and digital shifts for organizations. According to recent information from PWC, which surveyed businesses cross-industry, CEOs plan to make their companies more digital and virtual. …

passwordless

It’s Passwords, All the Way Down

We seem enamored with the idea of a ‘passwordless’ society. Not just because it would be an indicator of secure networks, but because trying to keep track of tens of unique, complex passwords is not ideal. There has been plenty of industry and media buzz around the concept of passwordless authentication strategies. Particular attention is paid to strategies like biometrics—which …

state of password security 451

Response Required

Why organizations need to react urgently to the state of password security, according to data from 451 Research In a recent brief titled “Love ‘em or Hate ‘em, Passwords Are Here to Stay,” 451 Research indicated that despite the stirrings of a passwordless revolution, the widespread use of passwords won’t be changing in the foreseeable future. The 451 brief points …

Dos and Don'ts of password security

The Updated Do’s and Don’ts of Password Security

When it comes to passwords, individual habits and organizational policies vary widely—unfortunately, the pattern is one of weakness. But organizational online security can be immediately improved by the implementation of a few key principles. Stronger passwords mean that users are keeping themselves safer online—and if users are safer online, it results in your organization staying safer as well. Updated NIST …

Questions to ask when considering compromised password monitoring providers: https://www.enzoic.com/questions-to-ask-compromised-password-monitoring-vendors/

Questions to Ask Compromised Password Monitoring Vendors

Organizations using Active Directory must update their password policies to block and detect compromised passwords, but comparing password monitoring vendors in this area can sometimes be challenging. Often, organizations are not sure how to compare vendors and are not sure what questions should be asked when working with password monitoring vendors. By asking the right questions, you can pick the …

Active Directory Lite

Need Help Auditing for Compromised Passwords?

Password audits have become more difficult. New data breaches expose credentials every day. These are quickly fed into hackers’ cracking dictionaries, changing which passwords you need to keep out. Verizon’s DBIR found 81% of data breaches were caused by compromised, weak, and reused passwords. Traditional algorithmic complexity rules are no longer considered a key factor in password strength. NIST password …