IS Decisions Responds to US Business Fears: New Research Uncovers Widespread Compromised Login Credentials Across the US

LONDON, June 21, 2016 /PRNewswire/ -- Global IT security vendor IS Decisions today launches version 9 of its flagship software UserLock after the company's research study found that more than half (55%) of US organizations have suffered a security breach as a result of compromised company login credentials.

The IS Decisions survey was answered by 250 people responsible for IT security within US organizations. The results uncover some shocking truths about the state of the country's user access security. While 92% of IT managers surveyed believe it is important to have a way to detect compromised credentials, 47% believe that the security measures put in place by their organisation negatively impact employee productivity.

Therefore, many organizations aren't looking out for crucial warning signs, possibly for the fear of impeding end users. 43% don't monitor sudden changes of login times and more than a quarter (26%) don't monitor remote access from implausible locations. As a result, businesses are only confident of tracing a breach back to the source less than half (46%) of the time.

UserLock counteracts these worrying findings by providing specific contextual and customizable user login rules based on time, location, machine, device, number of concurrent sessions and session types to ensure that authenticated users are exactly who they say they are. UserLock monitors all network logins in real-time and alerts IT admins to suspicious activity so they can act quickly to mitigate a breach. Crucially, UserLock doesn't impede end users with additional security for example, tokens, which are costly, complex and time consuming for the IT department to set up and manage.

Now, UserLock 9 can analyse the sequence of user connections to help block the use of compromised credentials. By determining a new point of entry in the network, UserLock 9 authorizes subsequent network connections from this initial access point, confident in the knowledge that the user is who they claim to be. By limiting the number of initial access points to a single point of entry, UserLock 9 detects any further attempts to connect from inside or outside the network using shared or stolen credentials — and subsequently alerts the IT team while automatically blocking access.

UserLock can also alert IT admins to other events of high-risk behavior that could suggest a compromised account, for example an attempt to connect to a new session from an existing session with different credentials. With just one click, IT admins can review and immediately block any suspect user accounts. UserLock 9 then denies all further logon attempts and closes any existing sessions, so administrators can mitigate risk much more quickly and effectively than with previous versions of the software.

Transparent to the end user, this new type of contextual access control continues to ensure employees can remain productive and not be continually interrupted with re-authentication requests.

UserLock 9 now also includes machine time-zone restrictions, which enables admins to apply local time restrictions according to each client's machine time instead of the UserLock server time.

IS Decisions CEO François Amigorena said: "The most worrying thing about compromised credentials is that, without technology, you're not likely to detect a hacker because your systems believe that the person on the network is who they say they are. There's no reason for your anti-virus software or firewall to flag anything to you.

"If you ask your neighbors to watch your house and keep an eye out for any signs of forced entry when you go on holiday, you're going to miss the burglar who steals your keys and walks right through the front door.

"So that's why we've decided to launch a new version of UserLock with a brand new set of features that go further to reduce the risk of external attacks and internal breaches. We've incorporated these new features based on feedback we have gathered from our existing customers, and on the wider research we've been doing in the market."

Notes to editors
IS Decisions surveyed 500 US and UK businesses in May 2016, and will soon be publishing a top-tips guide on how to avoid the common pitfalls that many US businesses are currently falling into.

About IS Decisions
IS Decisions makes it easy to safeguard and secure your Microsoft Windows and Active Directory infrastructure. With solutions for user access control, file auditing, server and desktop reporting, and remote installations, IS Decisions combines the powerful security today's business world mandates with the innovative simplicity the modern user expects. Over 3,600 customers around the world rely on IS Decisions to prevent security breaches; ensure compliance with major regulations, such as SOX, FISMA and HIPAA; quickly respond to IT emergencies; and gain time and cost-savings for IT. 

IS Decisions is a Microsoft Silver Partner based in Biarritz, France. Customers include American Express, BAE Systems, BMW, FBI, Frito-Lay, GlaxoSmithKline, IBM, Lockheed Martin, Mitsubishi, Oxford University, South Wales Police, TimeWarner, United Nations Organization, US Department of Justice, US Department of Veterans Affairs and US Navy Marine Corps.

Media contacts
Carolyn Devadawson/Sanjay Dove
Wildfire
Email 
+44 208 408 8000

SOURCE IS Decisions