New tool monitors for exposed emails, passwords in cybercriminal circles and enforces NIST standards to give enterprises confidence in access controls.
SpyCloud, the leader in account takeover prevention, today launched new, automated tools for checking and maintaining password security in Microsoft Active Directory, the central authentication system used by almost all Fortune 1000 companies and by businesses of all sizes around the world.
“SpyCloud Active Directory Guardian has saved us more than 1,000 man hours. As soon as Active Directory Guardian detects a compromised account, the integration with Active Directory works to reset that account and it sends a notification to the security teams that remediation is taking place,” said Al Dixon, Principal IT Security Architect of CorpIT at EBSCO Industries. “The solution gives us peace of mind — a level of comfort that we can not only detect account compromises, but also remediate them.”
With SpyCloud Active Directory Guardian, cyber security teams can check employee login credentials in Active Directory against SpyCloud’s data, the largest repository of recovered stolen credentials and personally identifiable information in the world — a collection of more than 76 billion data points. If a password is in SpyCloud’s data lake, it shouldn’t be used in an enterprise’s Active Directory.
Active Directory acts as a single point of authentication for an organization’s entire network, including software, computers and other networked objects, helping employees move between apps and tasks without having to remember passwords for each. However, cyber criminals who obtain stolen passwords and gain access to an employee account in Active Directory can also move easily within an enterprise network, potentially compounding the damage associated with a corporate account takeover.
SpyCloud’s new automated offering can be set to regularly check usernames and passwords across the enterprise for dark web exposure, and also searches for “fuzzy” matches where letters are replaced with numbers or special characters are added. Security teams receive a report detailing how many credentials are exposed and can force password resets on a person-by-person basis, or for all exposed accounts.
“Another piece I really like is the monitoring of personal emails,” Dixon said. “We’re not just monitoring internal corporate accounts, but we’re able to extend that to individuals and can monitor personal accounts for compromise as effectively as we do their corporate identity.”
With the option to reset weak and exposed passwords automatically, SpyCloud Active Directory Guardian also makes it easy for companies to enforce the latest guidelines from the National Institute of Standards and Technology (NIST) for secure digital authentication. This will guide enterprise employees to create very strong passwords that haven’t been exposed in breaches, are difficult to guess and easy to remember.
“Enterprises using Active Directory Guardian can outpace cyber criminals. The combination of early detection of leaked credentials with automated remediation makes it a comprehensive tool for securing users, both employees and customers, who are often the weakest link in an enterprise’s overall security posture,” said David Endler, SpyCloud’s Chief Product Officer and Co-Founder.