SAN FRANCISCO, Sept. 25, 2019 /PRNewswire/ -- OneLogin, the leader in Unified Access Management which delivers simple and secure application access and identity management to enterprises, today expands their enterprise security platform with the introduction of Shield, an industry-first solution designed to address the top source of data breaches and emerging threat vectors: password reuse and insecure passwords. Shield expands on OneLogin's existing threat capabilities powered by Vigilance AI by protecting enterprises against password reuse, identity reuse, insecure password practices and phishing.
"Time and again, end-user behavior—specifically password reuse—emerges as the primary source of data breaches," said Venkat Sathyamurthy, chief product officer at OneLogin. "Built with user privacy in mind, Shield empowers users to make a positive impact on the security of their enterprise in a remarkably simple and powerful way: by improving password hygiene."
Brute force, credential stuffing and similar password attacks are on the rise, making weak and reused passwords one of the biggest risks in the enterprise. And yet, nearly two-thirds (65%) of IT professionals don't check employee credentials against common password lists. Enterprises are otherwise defenseless against employees reusing passwords from personal applications across their corporate applications. When employees' personal applications are breached, cybercriminals use these compromised credentials against corporate accounts. Shield removes the friction of password management and security by making the low effort, high impact functionality available through the browser used by the vast majority of the internet, Google Chrome.
Shield by OneLogin is a browser extension offered in both free and enterprise-grade plans. Shield works with any existing identity provider to deliver three key capabilities:
Stop Insecure Password Practices: prevents users from the high-risk practice of using identical or commonly used and insecure passwords across any website, including personal and corporate applications
Prevent Corporate Identity Misuse: addresses users using corporate accounts for personal applications, an insecure practice given the risk of third-party application compromise and ability of cybercriminals to use third-party apps as an entry point for data breach
Defend Against Phishing: identifies websites that have a high probability of fraud and attempt to trick users into entering their credentials
Purpose-built for privacy, Shield is released as an open-source tool and does not analyze or store passwords themselves, but analyzes password hashes to identify password reuse. The enterprise-grade solution offers functionality in the form of administrator alerts, the ability to suspend user accounts if malicious activity is detected, and the ability to export intelligence to external resources including Security Information and Event Management (SIEM) tools for additional reporting, analysis, and compliance.
Interested in learning more about Shield for the enterprise and participate in OneLogin's Early Preview program? Let us know here.
About OneLogin, Inc. OneLogin, the leader in Unified Access Management, connects people with technology through a simple and secure login, empowering organizations to access the world™. The OneLogin Unified Access Management (UAM) platform is the key to unlocking the apps, devices, and data that drive productivity and facilitate collaboration. OneLogin serves businesses and partners across a multitude of industries, with over 2,500 customers worldwide. For more information, visit www.onelogin.com.