Every employee abides by your IT department’s password policies – right? But are the resulting concoctions truly secure, even if they meet those criteria?
All employees are now familiar with using passwords to access corporate resources, and, especially within corporate Microsoft server environments, using Active Directory. Password policies will prescribe the length and content (“at least 8 characters long, including both letters and numbers,” for example), to ensure that brute force attacks are minimized. But how secure are the choices then made by employees?
As almost all passwords are stored as one-way secure hashes, it is impossible for you to tell precisely what an individual’s password is without asking them directly. Using our proprietary algorithms, combined with state-of-the-art hardware, we can audit your entire company’s password hashes to reveal how secure they really are.
We’re able to identify commonalities between passwords – such as common root words, the company name, sequential numbers and more – all risks that could lead to a successful cyber-attack. There are many password choices that we consider ‘weak’ and the relevant employees can then benefit from personalized training to explain why their password choices should be improved.
Weak passwords are a significant risk for an organization, because the resultant attacks can easily go unnoticed, because of course the access appears to be the real user logging in.
Available as an appliance-based hardware solution to deploy to your own infrastructure, or as a hosted solution in our secure data centers, this service should be an essential part of your security risk process.
Provide specific training to those who have weak passwords
Repeat regularly to identify improvement over time
Reduce the risk of an attacker gaining access
KEY SERVICE FEATURES
- Audit your entire population of employee passwords
- Report on commonalities, sequences and deducible passwords
- Target employees with weak passwords and improve them
- Use award winning, proprietary software
- Measure the risk of attack-via-password within the organization
- Deliver executive report, including full breakdown
- Avoid unnoticed attacks through easily compromised accounts
- Choose internal or corporate data center hosting
- Enhance password policies on the basis of findings