The website Hackmageddon features statistics and historical data on cyber-attacks. On reporting statistics for March 2016, the site noted that although 32.6% of attacks in that month were of unknown origin, the highest ranking segment among known attack vectors was account hijacking, with 20.7% of cyber-attack cases reported as being of account hijacking origin.
What Is Account Hijacking?
Account hijacking is a type of identity theft in which a hacker uses compromised account credentials to log-in and carry out unauthorized or malicious activity. This can be achieved by password guessing, brute force attacks, or gaining access through phishing emails. Getting a hold of an employee’s email is fairly easy to do as they are what employees use for external communications, but often are found on social profiles, and communications materials such as press releases and blog articles.
Here are a few ways that a managed IT services provider can enhance the security of your IT infrastructure and protect against account hijacking and other cyber-attacks:
Installation of Protective Technologies
As your managed IT provider can optimize your IT infrastructure with the latest and greatest technologies to streamline operations and increase efficiency; they can also recommend and implement protective technologies to keep your IT environment secure. From installing hardware based firewalls on your network, and to implementing enterprise level email protection with spam filters that can keep phishing emails and infected attachments out of your employee’s inboxes.
Enforcement of Policies and Procedures
A managed IT services provider can assist with implementing and enforcing policies and procedures to keep accounts secured, and reduce the risk of having an account hijacking attach from occurring on your network. Your managed IT provider can help you and your team to create strong passwords for accounts. They can also set up procedures where employees have to make new passwords every “x” amount of months (some states require organizations to change passwords every 90 days, for example). Strong passwords reduce the risk of compromised employee accounts. A managed IT provider can also create, implement, and enforce policies such as a secure workstation policy which keep entrance points to your network secure from unauthorized access.
Network Monitoring and Maintenance
With extra eyes on your networks, your managed IT services provider will alert you at the first time of suspicious activity. Perhaps there was an uptick in activity from a specific IP address, or there were multiple requests from a geographic area outside of your company’s normal area of operation. While there are attackers who can stealthily access systems without anyone noticing, usually suspicious activity can be detected through network monitoring. In addition to keeping extra eyes on your IT environment, your managed IT provider will make sure that all updates, patches, and other network maintenance tasks are taken care of in a timely manner. This ensures that your network is as up-to-date as possible which helps to boost network security.