What constitutes a data breach? While it generates headlines, and is understood by the general public as an attack on data, IT security professionals know a system “breach” is actually defined as an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Most breaches are conducted by unauthorized users who have stolen an authorized user’s credentials.
Why is this so frustrating for SysAdmins? Because they get blamed for data breaches, even though it’s often up to credentialed users to prevent them.
The mightiest weapon in the arsenal to prevent a breach? The humble password. From speakeasies to D-Day to iCloud, no other single security measure has proven better at keeping unauthorized people from protected things. With a strong enough, long enough, random enough and frequently-changed password compounded with two-factor authentication, it is almost impossible for a hacker to gain unauthorized access to computing systems.
With all the hype around cyber crime and news reports on companies subject to breaches, it’s a good time to take a deep breath and remember that the fundamental best practices of InfoSec haven’t changed. The password is still mighty when it’s done well and changed often.