Identity Automation launches credential breach monitoring service

Identity Automation has announced a new compromised credentials monitoring service for K-12 schools and universities.

The service, which adds to Identity Automation's RapidIdentity platform, scans the dark web for hacked usernames and passwords, enabling swift and effective protection against ransomware threats and data breaches, according to the company.

Powered by SpyCloud, the service also alerts school IT administrators to compromised managed identities, including students, faculty, staff, parents, alumni, and external third parties, via a daily status report.

Users can create custom automated responses via RapidIdentity, enabling actions such as monitoring identity information, ending sessions with compromised credentials, locking accounts, requiring a password reset before restoring users’ privileges, or implementing multi-factor authentication for affected users.

Administrators can automatically assign users to pertinent groups and distribution lists, revoke access based on provisioning policies, and more through dynamic role management.

"Preventing ransomware is possible by negating the top attack vector: credentials that have been exposed in data breaches. This service gives schools early identification of compromised accounts, enabling them to take action quickly and prevent cyber attacks that leverage recently-breached identity data,” explained Cassio Mello, senior vice president of business development at SpyCloud.

Identity Automation's credentials monitoring service also includes support for secure remote access and virtual private network (VPN) logins. Additionally, RapidIdentity facilitates single sign-on for security assertion markup language (SAML)-compatible mobile applications.

Institutions can also leverage pre-built connectors for integration with Text/Flat File (csv, xml), web services (SOAP/REST), and command line interface (CLI), among others.

Identity Automation CEO Jim Harold said: "Our compromised credentials monitoring service can help schools avoid the fate of other education organizations that have paid out hundreds of thousands of dollars in ransom or suffered massive data loss from a hacking incident.”

"And because it's integrated with the RapidIdentity platform, IT administrators can automate responses and focus on singular threat vectors instead of analyzing credential issues. This approach is more secure and more efficient."