AdobeStock_65082199.jpeg2016 is ending with another round of major data breaches with online companies such as PayAsUGym, Lynda, and Yahoo.

For the c-suite, there is one thing we can learn from these three breaches in the past week: ensure your employees are not using the same credentials for personal and professional accounts. As we will begin seeing more and more login credentials stolen from widely used sites, implementing a solid password policy will ensure that attackers cannot leverage these breaches to steal your corporate information.

Just what can an an attacker do to harm your business with your employee’s personal login info? Adversaries can use this information to not only hijack email accounts, but also to collect detailed information from your employees that could enable them to launch a larger scale, social engineering attack against your organization. This could allow them to steal highly sensitive corporate information or gain access to your network.

Don’t fall victim. Ensure a solid password policy for your employees and restrict the use of their corporate email account for personal use.

 

Subscribe to HORNE Cyber Blog

COMMENTS

THIS POST WAS WRITTEN BY Mike Skinner

Mike is the partner in charge for HORNE Cyber. His primary focus is to enable clients to fully leverage technology innovations by providing the insights critical to safeguarding their business, customers’ critical data and brand reputation. He is responsible for information technology audit, regulatory compliance, information security consulting, internal control consulting and business solution implementation.

Find me on: