What Enterprises Can Learn from the eBay Breach

CIO Today offered some good insights about what can be learned from the recent eBay breach:

“We caught up with TK Keanini, CTO at network security firm Lancope, to get his take on what the eBay breach really means in the context of enterprise security. He told us this is an unfortunate event but the reality is that all companies need to be ready for it to happen.

“Some companies are more ready than others. For example, eBay should programmatically force a reset of all passwords because just asking nicely will be ignored by too many,” Keanini said. “They also should offer a two-factor authentication method as others have done. All of these things help raise the cost to attackers.”’

The article went on to quote from Tom Smith, vice president of business development and strategy at CloudEtnr:

“’First, you could disconnect sensitive systems from public networks, and require employees to be physically present inside secure facilities to access those systems,” he said. However, he admitted this is obviously impractical for a lot of organizations.

“Another approach is to use modern security software that can provide active defense against credential-stealing malware on employees’ machines,” Davis said. “This kind of thing is especially important when employees are out of the office or using their own laptops, where the security state of the local network and device are less well known.”’

AccelOps helps companies monitor network equipment, servers, applications, equipment, and network flow data in order to create a baseline of normal activity. When unusual behavior is seen or a security issue is detected AccelOps can quickly alert your organization so that you can take action.

Want to talk about how we can help you secure your network? Contact us; we’re here to help.