Blacklist Azure AD

The Risks Azure AD Password Protection Ignores: Compromised and Blacklisted

2022 is shaping up to be an extremely successful year for cybercriminals. Data breaches are accumulating in unprecedented numbers, putting more and more information in the hands of bad actors. Cyberattacks this year have hit big players like Cash App and the Red Cross, as well as smaller companies around the world. Even small data breaches have a part to …

CISA

CISA: The Risk of MFA Without Improving Password Security

The recent CISA Alert AA22-074A describes how Russian state-sponsored cyber actors gained access to a US NGO using compromised credentials and a flaw in default MFA protocols. This alert may help cybersecurity professionals understand that MFA alone is insufficient and the importance of securing each authentication layer. What happened, exactly?As early as May 2021, the FBI observed Russian state-sponsored cyber …

password security

Five Tips for Locking Down Password Security

Taking Action on Active Directory Active Directory (AD) is ubiquitous cross-industry and due to its popularity, cybercriminals have continually targeted it. Therefore, prioritizing safe passwords in AD is crucial. Here are five ways to address the problem. 1. Use the Principle of Least Privilege (POLP) When a network administrator is establishing the levels of access for every user of AD …

data privacy day

Data Privacy Day: Five Defensive Strategies for Businesses

Data Privacy Day is a chance for businesses to engage with their customers and clients in a way that builds trust, inspires customer loyalty, and enhances the business’s reputation.  When an organization demonstrates that they care about protecting consumers’ privacy–they are in effect letting clients know that their information, data, and choices are safe with the business.   In 2022, this …

password tips

MSPs and MSSPs: 6 Password Management Tips

The majority of users, whether new employees or CEOs, don’t realize that even if their password meets complexity requirements, it doesn’t mean it’s secure. In fact, many common password policies are overdue for an update, as for several years now cybercriminals have been taking advantage of these password policy weaknesses. These issues are compounded by password reuse—a very common user …

password security

The Latest Password Security Methods

Password authentication isn’t going anywhere anytime soon. It’s part of our culture, users and employees are accustomed to it, and many systems depend on the “what you know” layer. Newer technologies like biometrics might work in certain situations, but they won’t replace passwords altogether anytime soon. In our series on password security, we’ve talked about some worrying trends, the myths …

CISA

CISA Adds Single-Factor Authentication to List of Bad Practices

One Layer Isn’t Enough The Cybersecurity and Infrastructure Security Agency (CISA) in the United States recently announced adding single-factor authentication to their list of Bad Practices.  CISA’s Bad Practices list contains a collection of exceptionally risky cybersecurity practices. Although intended for all industries, the practices listed are considered especially dangerous in organizations that support critical infrastructure or National Critical Functions (NCF).  …

paso robles

The City of Paso Robles Taps Enzoic for Password Peace of Mind

The City of Paso Robles, located in San Luis Obispo County, California, is famous for its award-winning wines and relaxed atmosphere. As such, it’s no surprise that the City is a popular tourist destination, with Paso Robles included in Travel and Leisure magazine’s “25 Top Places to Visit for the Holidays” in 2015 and 2016. Located halfway between San Francisco …