SpyCloud, a key player in account takeover prevention, launched new, automated tools for checking and maintaining password security in Microsoft Active Directory, the central authentication system used by almost all Fortune 1000 companies and by businesses of all sizes around the world.
With SpyCloud Active Directory Guardian, cyber security teams can check employee login credentials in Active Directory against SpyCloud’s data, the largest repository of recovered stolen credentials and personally identifiable information in the world — a collection of more than 76 billion data points. If a password is in SpyCloud’s data lake, it shouldn’t be used in an enterprise’s Active Directory.
Active Directory acts as a single point of authentication for an organization’s entire network, including software, computers and other networked objects, helping employees move between apps and tasks without having to remember passwords for each. However, cyber criminals who obtain stolen passwords and gain access to an employee account in Active Directory can also move easily within an enterprise network, potentially compounding the damage associated with a corporate account takeover.
SpyCloud’s new automated offering can be set to regularly check usernames and passwords across the enterprise for dark web exposure, and also searches for “fuzzy” matches where letters are replaced with numbers or special characters are added. Security teams receive a report detailing how many credentials are exposed and can force password resets on a person-by-person basis, or for all exposed accounts.
With the option to reset weak and exposed passwords automatically, SpyCloud Active Directory Guardian also makes it easy for companies to enforce the latest guidelines from the National Institute of Standards and Technology (NIST) for secure digital authentication. This will guide enterprise employees to create very strong passwords that haven’t been exposed in breaches, are difficult to guess and easy to remember.
“Enterprises using Active Directory Guardian can outpace cyber criminals. The combination of early detection of leaked credentials with automated remediation makes it a comprehensive tool for securing users, both employees and customers, who are often the weakest link in an enterprise’s overall security posture,” said David Endler, SpyCloud’s Chief Product Officer and Co-Founder.