In late September, The Guardian broke the story of a major data breach at Deloitte, one of the world’s largest accounting & consulting firms. This cyber attack exposed millions of emails sent to and from Deloitte employees.
The attackers used login credentials to gain access to an Office365 server hosted in the Microsoft Azure cloud. The breach revealed emails, usernames, passwords and personal details of Deloitte personnel. Also revealed were at least six of the firm’s blue-chip clients.
Deloitte’s very large, renowned IT/cybersecurity consulting business is a trusted advisor to the loftiest corporations within the Fortune 500. Gartner rated Deloitte #1 worldwide in cybersecurity consulting in 2013. The irony of the breach occurring at Deloitte, in spite of all the best-practice knowledge and operational security know-how within the company, is an embarrassment that does not need highlighting. The lesson learned? The breached server node had only a single-factor admin password in place for access.
Deloitte Data Breach Aftermath
Deloitte has endured a major resource drain for months to assess and remediate the breach — from engaging expensive legal defense teams to deploying its own cybersecurity staff and outside experts. The use of composite authentication, inclusive of risk-based and biometric markers, would have clearly prevented this breach.
This is another case study that points back to the proactive, programmatic rigor that must be a constant in a corporate IT systems security environment today — where “no node is left unprotected.”
Things do fall through the cracks, even at the most vaunted levels — and it’s easy to take potshots after the fact. But what are the actionable takeaways here?
Three Strategies to Consider in Building Out Your IT Security Posture
- Prevention: We cannot overstress the importance of maintaining a rigorous, programmatic approach to defending network infrastructure — minimizing the possibility of compute nodes that inadvertently go underprotected.
- Vigilance: Prepare appropriate response protocols in advance, in case authentication technology surfaces login failures, or worse — an actual attempted breach.
- Resilience: Failover/backup compute and data stores seem obvious, but regular reviews of network topology to validate appropriate resilience will only serve your company’s and customers’ best interests.
Solving for Multifactor Authentication Challenges
Our DigitalPersona composite authentication technology has been developed, tested and proven. Going beyond traditional 2FA and MFA, composite authentication offers a broad array of authentication modalities including biometrics and leading-edge behavioral risk factors.
Jeff Carpenter is Director of Identity and Access Management solutions at Crossmatch. In this role, he is responsible for evangelizing Crossmatch’s DigitalPersona® solution. In his 10+ years in cybersecurity, Jeff has held positions with a number of top-tier cybersecurity and technology companies; most recently he was with RSA, a Dell Technologies company. Jeff earned a Bachelor of Science degree in Business Administration from Creighton University in Omaha, Nebraska. He holds both a Certified Information Systems Security Professional (CISSP) and a Certified Cloud Security Professional (CCSP) designation.