A Not So Secret Password: solarwinds123
One of the biggest data breaches in history occurred with the SolarWinds hack. Because of one terrible password, solarwinds123, hackers were able to push malicious code to SolarWinds customers. The US CISA (Cybersecurity and Infrastructure Security Agency) issued a rare emergency directive to communicate that the SolarWinds breach “poses unacceptable risks to the security of federal networks.”
But the CISA directive was too late, as the CISA itself was compromised. So were all five branches of the military, the NSA, IRS, USPS, DHS, the Treasury Department, just about every Fortune 500 company, and all of the top ten telecommunications companies.
Up to 18,000 customers of the network infrastructure vendor may have been compromised, representing tens of millions of dollars in loss, not to mention a major hit to trust and reputation. The hackers, who are suspected operatives of the Russian government, deployed updates that opened backdoors to unlock internal communications and sensitive data.
The Password Everyone Knows
Turns out that it’s not rocket science to break in and access confidential information. It was one weak password, likely created by a well meaning employee who wanted a phrase that was easy to remember.
Bad passwords exist everywhere, especially downstream. Your company may have strict security protocols, but it’s a different story with your vendors and third party software providers. They may use a weak password, or just make a small mistake. Once you’ve been cracked, the entire system is wide open.
Security Within Reach
There is a solution. Hackers simply can’t get into a locked platform that uses biometric screening protocols. With a secure solution, you and your vendors efficiently review data using only approved software tools and techniques in a specialized virtual PC environment that you control. Know exactly who is accessing documents, code and data.
It’s possible to monitor access with multi-webcam, real-time proctoring features. Control when, where and for how long access is available. A solution that seals every gap is the only way to prevent trouble. Use it for your business, and insist that your vendors use it too. Even if someone, somewhere in your universe has come up with a hackable password, there’s ample security to prevent malfeasance.