Every week, there seems to be a new high-profile organization in the news that has suffered from a cyberattack. This news coverage understates the fact that much smaller organizations have also succumbed to the same fate. The cyberthreat landscape has become more sophisticated over time, but one common thread has remained constant: end-user identity attacks.
According to IBM research, 61% of all security breaches started with compromised credentials and 34% of organizations have had privileged accounts compromised. When you combine those statistics with the eye-opening data that 76% of surveyed companies expected to be compromised in the next 12 months, it becomes clear that identity security is a keystone of a Zero Trust or defense-in-depth security strategy. The global cost of cybercrime in 2022 was $6 trillion. The average annual cost to an organization was around $4.34 million. When calculated by probability of loss for an organization with 1,000 employees, this breaks down to roughly $850 monthly or $10,200 per user annually. Every penny spent securing users’ identities is an investment in reducing probable loss and protecting your bottom line.
Microsoft offers a plethora of identity security features in Azure, some of which are even available free of charge. For example, Microsoft offers multi-factor authentication (MFA) and Smart Lockout with their free tier of Azure Active Directory. Implementing MFA is arguably the most important change an organization can make to improve its security posture. Even if a user has a compromised account and an attacker has their password, they will be unable to use the credentials without the multi-factor challenge. That said, not all MFA methods are created equal. Using SMS as the MFA method is less secure than using the Microsoft Authenticator application. It is possible to spoof phone numbers and to intercept SMS. Using the Microsoft Authenticator application gets users one step closer to a password-less authentication method that is now considered best practice. If there is no password, the password cannot be compromised.
Beyond MFA implementation in Azure Active Directory, there are additional identity security features in the Azure Active Directory P2 subscription tier. These features further improve identity security from advanced attacks. Conditional Access policies and Azure Identity Protection go one step further to thwart evildoers. Even if a hacker can capture and spoof the secure token after a user has authenticated (even post-MFA) they could be prevented from accessing resources if they trigger a configured Conditional Access or Azure Identity policy based on suspicious activity or location.
Persistent threats require a new mindset with the assumption that your organization is already compromised in some way and you should adopt a Zero Trust strategy with multiple layers of protection. Microsoft Azure provides multiple layers of identity protection, and many organizations already have these tools available to them with their current Microsoft licenses. In fact, only 26% of Azure Active Directory subscriptions have MFA enabled. Take proactive action today to build your defenses against the dark arts and contact Cloudforce to consult our expertise in protecting user identity for your organization.
“How Identity Security Protects the Bottom Line”
Jarred Boone, Inbar Cizer Kobrinsky, and Alex Weinert