Last week Russian criminals stole 1.2 billion Internet user names and passwords, amassing what could be the largest collection of stolen digital credentials in history- CNNMoney. The credentials gathered appear to be from over 420,000 websites — both small and large. Which specific websites were impacted is yet to be disclosed but it’s likely that some “household names” are on the list and will have to deal with the resulting publicity.
Today, companies need to manage access to a growing number of websites and applications. Unauthorized access to sensitive information can cause financial losses, reputation damage, and expose companies to regulatory penalties for privacy violations. According to the Ponemon Institute Research Finding, the US per record cost of a data breach is $201. Multiply the 1.2 billion records stolen by the Russian criminals by the $201 and it is a shockingly high number. A Washington think tank has estimated the likely annual cost of cybercrime and economic espionage to the world economy at more than $445 billion — this represents a tax by criminals of almost 1 percent on global incomes.
To reduce these exposures, protecting access with the highest levels of security is crucial for IT organizations. But developing strong security requires a balance between making access difficult for hackers and easy to comply with and use for bona fide users. According to Verizon’s Data Breach Investigations Report, “The easiest and least detectable way to gain unauthorized access is to leverage someone’s authorized access”, which means passwords need to be properly managed and protected. Accordingly, IT organizations are faced with several challenges:
- Recognizing the relentless attempts to acquire security credentials through hacking, phishing and other techniques, preventing unauthorized system access requires more than just password-based access.
- Passwords are easily shared, guessed and stolen. Managing password access is challenging for employees and IT organizations as the number of systems requiring password access grows.
- Managing passwords and system access requires significant IT time and resources, so a highly efficient and easy to use administration solution is necessary.
- Solutions chosen must comply with all prevailing industry standards.
Today, Kaseya took an important step to help its customers address these challenges, with its acquisition of Scorpion Software. The Scorpion Software AuthAnvil product set provides an important addition to the Kaseya IT management solution, offering two factor authentication, single sign-on and password management capabilities.
The solution provides IT groups with:
- An advanced multi-factor authentication solution which provides a level of security which passwords alone cannot deliver.
- An effective single sign-on solution with easy access to all systems for employees which avoids the need for sharing or writing down of passwords.
- Powerful and easy-to-use password management capabilities to drive efficiencies in administering password access.
- Support for industry standards compliance and auditing including PCI, HIPPA, SOX, CJIS and other standards.
These capabilities are aimed directly at the security and efficiency challenges above, and are essential for MSPs and IT organizations to be able to effectively manage secure access to applications and ensure standards compliance.
Scorpion Software is a longtime partner of Kaseya and has already implemented an integration with Kaseya Virtual System Administrator (VSA), making it easy for existing Kaseya customers to add Scorpion Software’s unique security capabilities to their solutions. Kaseya VSA is an integrated IT Systems Management platform that is used across IT disciplines to streamline and automate IT services, and the integration of Kaseya with Scorpion Software’s AuthAnvil technologies creates an IT management and security solution unmatched in the industry.
Scorpion Software’s AuthAnvil is currently in use by over 500 MSPs around the globe, and is the only identity and access solution to provide two factor user authentication integrated with password management and single sign-on. It allows IT organizations and MSPs to quickly and easily enable and manage secure access to all applications, delivering the highest levels of security and efficiency.
With the acquisition of Scorpion Software, Kaseya continues its work to deliver a complete, integrated IT management and security solution for MSPs and mid-sized enterprises around the world. The combined solution will help IT organizations:
- Command Centrally: See and manage everything from a single integrated dashboard.
- Manage Remotely: Discover, manage, and secure widely distributed environments.
- Automate Everything: Deploy software, manage patches, manage passwords, and proactively remediate issues across your entire environment with the push of a button.
Author: Tom Hayes