Uber Hack: Get RID Of ALL Your Admin Static Creds
Lessons learned from last week's Uber hack
That’s it, no post right now.
My tips this week are:
Get rid of all your static admin creds
Add step up authentication for all admin ACTIONS
Add adaptive MFA to your authentication to detect abnormal MFA activity
Have admin users use SEPARATE credentials for everyday access vs Admin Access
Here’s an excellent video by Marcus to help illustrate:
Last Week As A vCISO is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.