After a massive breach one of the major steps to take is to change all of the user passwords. This monumental task may include notifying millions of user and take weeks or even months. Compliance with the request to reset passwords is unlikely to be complete leaving inherent vulnerabilities in the network. The cost in time and effort to undertake this task is substantial. In the meantime the already breached system is either shut down or in a very vulnerable state.

On the darker side, whomever breached the system may be selling or distributing the stolen passwords on the darknet. Many users will use the same password for multiple accounts and the ripple effect of the password becoming widely known will continue the damage.

For the enterprise that has the OnliU platform deployed this becomes a non-event. With OnliU passwords can be openly disclosed and are of no value to anyone other than the authorized user. The strong security behind OnliU is the equivalent of a strong and dynamic certificating authority that operates invisibly in the background. If the administrator of the breached system did nothing the system would automatically refresh all of the certificates in minutes in any case.

In the extreme case OnliU provides for an instant reset. This not only freezes out the attacker, but if the inside threat has been identified using OnliU audits along with other cyber security tools that inside threat is also excluded from the system.

With OnliU, not password reset is required in order to maintain system security. Secure operational recovery time is reduced from days or weeks to minutes!

Back to blog listing


© 2016 On!iUs Inc., 15250 Heather Mill Lane, Haymarket, Virginia 20169, USA. All Rights Reserved.