In the ever-evolving landscape of cybersecurity, managed service providers (MSPs) face unique challenges in safeguarding their clients’ infrastructures. MSPs must consistently adapt their security strategies to stay ahead of malicious actors who continually refine their methods. The 2024 Duo Trusted Access Report, titled “Navigating Complexity,” offers a data-driven perspective on the latest trends and best practices within identity and access management (IAM). This article delves into the key findings from the report, highlighting actionable insights for MSPs to enhance their security frameworks.
Decline of Traditional Second-Factor Authentication Methods
One of the significant trends highlighted in the report is the decline in the use of SMS and phone calls for second-factor authentication. Historically considered effective, these methods have seen a 22% decrease, reaching an all-time low of 4.9%. This shift underscores the vulnerabilities associated with SMS and phone call-based authentication, driving a preference for more secure multi-factor authenticator apps. The transition is driven in part by the recognized risks associated with older methods, which are susceptible to interception and social engineering attacks.
Amid increasing push-targeting multi-factor authentication (MFA) attacks, the importance of enabling Verified Duo Push is emphasized. Implementing this feature can mitigate push harassment and MFA fatigue attacks, inherently leading clients towards a more secure, passwordless authentication methodology. Verified Duo Push promotes a higher level of security by confirming user-initiated authentications, thereby mitigating unauthorized access attempts. This proactive approach ensures that MSPs can offer their clients a robust and user-friendly authentication experience, reducing friction while enhancing security.
Addressing Authentication Failures Due to Outdated Software
A concerning finding from the report is the alarming surge in authentication failures caused by outdated software, with a 74.7% increase observed. Authenticating with browsers lacking current updates leaves systems vulnerable to exploitation. Approximately 20%-40% of browsers used for authentications are outdated, creating significant security gaps. Mobile Safari, in particular, is frequently used for successful authentications but is notably prone to being outdated or reaching end-of-life status, highlighting critical areas for improvement.
To address this issue, the report recommends designing granular, adaptive security policies based on device posture, such as operating system versions and security patches. Duo’s Endpoint Remediation feature stands out, notifying users about updates, facilitating self-remediation, or outright blocking access if conditions are unmet. This solution ensures administrators maintain visibility without necessitating the installation of agents, thereby enhancing overall security. By implementing these measures, MSPs can significantly reduce the risk posed by outdated software and maintain a resilient security posture for their clients.
Embracing Mobile and Non-Traditional Operating Systems
The report identifies a steady adoption of mobile and non-traditional operating systems, which now account for 61.8% of all measured authentications. The diverse landscape of supply chain operations, third-party partnerships, and contractor devices exacerbates the risk of unmanaged devices and unknown endpoints. This variability complicates the establishment of trusted access, thus calling for enriched security measures that accommodate the diversity of devices within an organization’s ecosystem.
Combining robust authentication with device trust policies, such as Duo Trusted Endpoints, provides an additional security layer even when devices can’t be directly managed. Administrators can enforce trust policies for various endpoints, ensuring that unauthorized devices are blocked, even if MFA is breached. This approach helps MSPs maintain a secure environment despite the increasing complexity of device management. As MSPs embrace the diversity of operating systems, they must implement tools and policies that adapt to varying device types while ensuring consistent security standards.
Mitigating Risks from Compromised Credentials
A striking statistic from the report reveals that in 23% of engagements observed by Talos Incident Response (IR), attackers exploited compromised credentials to access valid accounts. This issue highlights the critical need for proper access controls to prevent unauthorized access to sensitive information, particularly for privileged roles like IT administrators. Compromised credentials remain a primary vector for cyber attacks, necessitating robust defense mechanisms to safeguard critical data.
The article advocates for role-based access controls offered by Duo, enabling multi-tenant partners to manage operations efficiently and ensure the principle of least privileged access is maintained. By implementing these controls, MSPs can significantly reduce the risk of unauthorized access and protect their clients’ critical data. Incorporating measures such as multi-factor authentication and continuous monitoring can further bolster security, ensuring that even if credentials are compromised, attackers are thwarted from gaining meaningful access.
Managing Inactive Accounts and Enhancing Identity Security
Inactive accounts constitute more than 24% of an organization’s total identities and face over 500 attacks monthly. The report stresses the importance of focusing on identity security and evaluating login attempts based on context and risk. MSPs benefit from solutions that analyze user and device telemetry to detect threat patterns without hindering productivity. Treating inactive accounts as potential vulnerabilities, rather than overlooked artifacts, is crucial for maintaining a robust security posture.
Duo’s Trust Monitor and Risk-Based Authentication (RBA) are highlighted as tools that enhance security by adapting the level of authentication required based on assessed risk levels. By leveraging these tools, MSPs can ensure that inactive accounts do not become a vulnerability, thereby strengthening their overall security posture. Continuous analysis and contextual evaluation of login attempts allow for dynamic responses to emerging threats, ensuring that security measures are proportionate to the identified risks.
Adopting Adaptive, Data-Driven Security Measures
In the rapidly changing world of cybersecurity, managed service providers (MSPs) encounter specific challenges in protecting their clients’ infrastructures. It is essential for MSPs to continually adapt their security strategies to effectively counteract malicious actors who are constantly evolving their tactics. The 2024 Duo Trusted Access Report, aptly named “Navigating Complexity,” provides a comprehensive, data-driven analysis of the most recent trends and best practices in identity and access management (IAM). This report offers invaluable insights for MSPs, outlining key findings that can help them enhance and strengthen their security frameworks.
By diving into the report, MSPs can gain actionable intelligence on advanced IAM strategies and methodologies that address current and emerging threats. The report emphasizes the importance of a proactive approach, enabling MSPs to refine their security measures effectively. For instance, it sheds light on the value of implementing multi-factor authentication (MFA), regular security audits, and advanced threat detection systems. These insights are crucial for MSPs committed to providing robust security solutions in an increasingly complex and hostile cyber environment.
