"In my opinion, the top issue is implementing phishing-resistant authentication to protect logins. This problem goes beyond the specific issue of mobile device management and is something IT leaders need to prioritize. While multi-factor authentication does solve many problems, not all MFA technologies are phishing-resistant. In particular, for cloud-based solutions, which are usually accessible to everybody, solid phishing-resistant authentication is a must-have."
"The US Cybersecurity and Infrastructure Security Agency (CISA) is principally for organizations using Microsoft Intune, a cloud-based unified endpoint management (UEM) service that Handala, known for multiple destructive wiping, data theft and data leak attacks, was reportedly able to compromise. But CISA said the defensive principles of its recommendations can be applied to any endpoint management software."
Following the Handala threat actor's compromise of Stryker's systems, CISA issued guidance for organizations to strengthen endpoint management security, particularly for Microsoft Intune users. The primary recommendation focuses on implementing phishing-resistant authentication to protect administrative logins, as standard multi-factor authentication does not adequately defend cloud-based solutions accessible to broad audiences. Organizations should apply least privilege access principles when designing administrative roles and carefully manage personal device enrollment in corporate systems. These defensive principles extend beyond Intune to any endpoint management software, addressing a persistent vulnerability in misconfigured systems that remains a significant security risk.
#endpoint-management-security #phishing-resistant-authentication #microsoft-intune #threat-actor-handala #cisa-guidance
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]