OneLogin security incident – May 31, 2017. No one is immune.
As communicated by OneLogin, a malicious actor used a set of AWS keys to gain access to its US operating region. The actor accessed databases containing user and app details, and OneLogin cannot guarantee that the encrypted data held there was not decrypted.
Read the full OneLogin report here.
Internal vs External SSO
While IT best practice is to enforce a strict password policy, the burden of managing many strong passwords has pushed individuals and some organisations towards the ease and convenience of Single Sign-On (SSO) solutions. These solutions allow a user to authenticate once with a master password and then gain access to multiple applications, displaying everything on a single pane of glass (such as Centrify Identity Service, Identity Solution’s SSO, Okta).
The inherent risk here, as OneLogin users found out on the 31st of May, is a single point of failure. At 2am PST, compromised AWS keys were used to infiltrate OneLogin’s internal systems (access was shut off just after 9am), and during that window the actor had access to “database tables that contain information about users, apps, and various types of keys”.
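The detail that matters to a defender in that timeline is that long-lived AWS access keys were used at 2am. The following Python snippet is an added example, not code from the original post or from OneLogin or NetConnect: it scans constructed CloudTrail-style records and flags use of long-lived IAM user keys (the `AKIA` prefix, as opposed to `ASIA` temporary STS credentials) from a source IP outside an assumed allowlist or outside assumed business hours. The allowlist, the business-hours window and the sample records are all assumptions made for the example.

```python
"""Flag suspicious use of long-lived AWS access keys in CloudTrail records.

Added example, not from the original post or from OneLogin/NetConnect.
The records, the IP allowlist and the business-hours window are constructed
assumptions; the point is the detection logic, not the sample values.
"""
import json
from datetime import datetime, timezone, timedelta

# Assumed allowlist of source IPs from which the operations team normally works
KNOWN_SOURCE_IPS = {"203.0.113.10", "203.0.113.11"}

# Assumed business hours, 08:00-18:00, in a fixed UTC-7 offset (PDT in late May)
BUSINESS_TZ = timezone(timedelta(hours=-7))
BUSINESS_START, BUSINESS_END = 8, 18

# Constructed CloudTrail-style records, one JSON object per line
SAMPLE_LOG = "\n".join(json.dumps(r) for r in [
    # 16:05 UTC is 09:05 local: known IP, business hours, no alert expected
    {"eventTime": "2017-05-31T16:05:00Z", "eventName": "DescribeInstances",
     "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "accessKeyId": "AKIAEXAMPLEKEY000001"}},
    # 09:02 UTC is 02:02 local: unknown IP, outside hours, alert expected
    {"eventTime": "2017-05-31T09:02:00Z", "eventName": "GetObject",
     "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "accessKeyId": "AKIAEXAMPLEKEY000001"}},
    # Temporary STS credential: skipped by this check
    {"eventTime": "2017-05-31T09:10:00Z", "eventName": "AssumeRole",
     "sourceIPAddress": "203.0.113.11",
     "userIdentity": {"type": "AssumedRole", "accessKeyId": "ASIAEXAMPLETEMP00001"}},
])


def is_long_lived_key(access_key_id):
    """Long-lived IAM user keys start with AKIA; STS temporary keys start with ASIA."""
    return access_key_id.startswith("AKIA")


def outside_business_hours(event_time_utc):
    """True if the event falls outside the assumed business-hours window."""
    local = event_time_utc.astimezone(BUSINESS_TZ)
    return not (BUSINESS_START <= local.hour < BUSINESS_END)


def find_suspicious_key_use(log_text):
    """Return one alert dict per long-lived-key event that trips a rule."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        key = rec.get("userIdentity", {}).get("accessKeyId", "")
        if not is_long_lived_key(key):
            continue  # temporary credentials are out of scope for this rule
        when = datetime.strptime(rec["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
        when = when.replace(tzinfo=timezone.utc)
        reasons = []
        if rec.get("sourceIPAddress") not in KNOWN_SOURCE_IPS:
            reasons.append("unknown source IP")
        if outside_business_hours(when):
            reasons.append("outside business hours")
        if reasons:
            alerts.append({
                "accessKeyId": key,
                "eventName": rec["eventName"],
                "sourceIPAddress": rec.get("sourceIPAddress"),
                "eventTime": rec["eventTime"],
                "reasons": reasons,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_key_use(SAMPLE_LOG):
        print(alert)
```

Run against the sample, only the 02:02 local `GetObject` call from the unknown address is reported, with both reasons attached. In practice the allowlist and hours come from your own environment, and a hit on a long-lived key is a prompt to rotate that key and review what it touched during the window.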
With large breaches being reported by HaveIBeenPwned every few days, and bots like Dump Monitor reporting multiple minor breaches per hour, consolidating enterprise credentials externally has never been riskier.
NetConnect gives administrators control of the authentication and access management process on the back end, allowing organisations to perform SSO within their own network as a decentralised system. Each instance of NetConnect runs within the organisation’s virtual private cloud and allows users to pass credentials from one internal system to another using standard protocols. The end user is isolated from the corporate infrastructure, interacting only indirectly through an HTML5 canvas.
By synchronising with an existing Active Directory, NetConnect’s SSO solution can unify all of the credentials for applications under one password. At the same time, administrators can control security policies and plug vulnerabilities as they appear, creating a win-win situation for productivity and security.