Login credentials are the source of a lot of messy situations. If they fall into the wrong hands, it’s almost unclear what could happen. Account takeover risks are among the least talked about cloud security issues for schools, but they are perhaps the most detrimental and the hardest to detect.
Before you start cleaning your district’s Google and/or Microsoft cloud domains of all their online risks and vulnerabilities, you need to know exactly what you’re dealing with. Let’s take a closer look at the reality of login activity in your cloud environment.
Account Login 101
According to one estimate, the average person uses 191 different services that require a password or other login credentials.
191 services! Now think of this in terms of your school district: for each student you have, they access multiple logins and multiple cloud services, all of which require a password. Simply put, the sheer volume of account login activity in your cloud environment is almost incomprehensible.
Here’s the problem: Most school districts lack the funding, staff, and time to dedicate the resources needed to monitor account activity, a weakness that makes them especially vulnerable to malicious hacks. In fact, according to EdWeek Research, only one in five school cybersecurity budgets is allocated to securing cloud applications.
Combined with the fact that student data is an incredibly lucrative target for cybercriminals, these reasons make school districts a hotbed of malicious account activity.
The post Evaluate Your District’s Account Login Activity appeared first on ManagedMethods.
*** This is a syndicated blog from the ManagedMethods Security Bloggers Network written by Alexa Sander. Read the original post at: https://managedmethods.com/blog/account-takeover/