Billions of stolen credentials are readily available online, and the number grows daily. Weak or stolen passwords are the top cause of data breaches. According to the Verizon 2017 Data Breach Investigations Report, 81% of hacking-related breaches leverage stolen and/or weak passwords.
To combat the vulnerability posed by stolen credentials, we integrate our Privileged Identity Management solution with VeriClouds CredVerify. The two solutions work together to automatically identify if a privileged account password is a known compromised credential.
Protecting Your Privileged Identities from Stolen Credentials
When you log into our Lieberman RED – Rapid Enterprise DefenseTM Identity Management web portal, VeriClouds checks the entered userid and password against its database of more than five billion compromised credentials. If the credential is identified as stolen, the login into the privileged account is prohibited until the password is reset.
You benefit from enhanced protection of your privileged accounts from compromised credentials. And you more easily comply with the password security requirements of major regulatory compliance mandates, including guidelines from the National Institute of Standards and Technology (NIST).
This Lieberman Software – VeriClouds integration lets you:
- Minimize the leading cause of data breaches – weak and/or stolen passwords
- Gain visibility into the risk that stolen credentials pose to your powerful privileged accounts
- Automate the analytics of vulnerable credentials into a closed loop, real-time intelligence driven security operation
Providing Secure Access to Sensitive Systems
Lieberman Software and VeriClouds have also joined together to prevent end-users from logging on with known compromised credentials. VeriClouds CloudVerify works with Lieberman RED Account Reset Management – Lieberman Software’s self-service password reset tool.
If a user of RED Account Reset Management attempts to log into a workstation or server with a compromised credential, the login can be blocked until the password is reset. This prohibits compromised users from accessing sensitive corporate or government systems.