最大资源采集网 the Firm
The client is a professional services organization in the Midwest and Western United States. They are a top player in their field regionally and have been a partner of 最大资源采集网 since 2017.聽 With their permission, they let us share their journey to Multi-Factor Authentication (MFA), so you can make sure your organization is prepared.
最大资源采集网 the聽Incident
The firm experienced a incident to their聽cloud-based email and file storage platform as a result of a targeted phishing attack.聽They were tipped off to聽the incident when聽the payroll system聽flagged a transaction for $150,000聽for three hours of work聽made payable to聽a fictional employee.聽聽To compound the issue, the incident happened the same week聽that the聽payroll聽accountant聽and聽the company鈥檚聽CEO were both聽out of聽the office.
The firm had transitioned to the cloud because of a ransomware attack on their previous on-premises environment. In that situation, the servers had been taken hostage via the use of an old admin password. When the cloud migration project was completed, the firm was advised to implement multi-factor authentication. They opted out of the implementation until a more convenient time.
As soon as the incident was mitigated by 最大资源采集网鈥檚 cybersecurity team and the environment had been resecured, the main point of contact met with their dedicated聽最大资源采集网聽account manager to talk about implementing聽MFA.
Key Learnings
- Being proactive by implementing security measures like聽Multi-Factor Authentication is聽the best聽deterrent for data incidents.
- Most data incidents occur because an employee accidentally lets in a bad actor. These guys are getting good, not to mention patient, which is why it is of paramount importance to train employees on how to detect phishing scams.
- Since email addresses are usually also a username, hackers already have access to half the information they need to access the system.
- Employees can be聽targeted聽based on their role within the organization.
- Once an incident has occurred, it is likely that the聽bad actor will return in short succession.聽Remaining聽vigilant, even after the first attack has been stopped, is the best way to protect against further data loss.
The Result
MFA can seem like an annoying extra step, but聽it聽could聽be the difference between聽a secure server and聽a major incident.聽Since聽最大资源采集网 implemented聽MFA, the聽firm鈥檚聽leadership have聽reported that they sleep better at night knowing that the solution stops 99.9% of attacks from email.
Attacks like this one can no longer be treated as an 鈥渋f鈥︹, they are a 鈥渨hen鈥︹. Bad actors are becoming more adept at infiltrating your systems and attacks are becoming harder to identify. Without proper cybersecurity precautions, your organization could be left exposed. If you have questions about how to activate MFA at your organization, please today.