This article is for customers who are using and managing their HENNGE Cloud Protection services.
Purpose
This article explains how to confirm the details of the compromised accounts on the HENNGE Cloud Protection Admin Console.
Cautions
1. The following procedure requires HENNGE Cloud Protection administrator privileges.
2. Please find the URL of HENNGE Cloud Protection admin UI (or admin screen) and login information from the email sent by the onboarding guide.
3. The display UI screen may differ depending on your device's OS, versions, and module.
4. The content of this article is based on product specifications as of October 2021 and is revised accordingly without advanced notice.
Details / Procedures
About Compromised Accounts Detection Feature
The management feature for compromised accounts allows the admin to manage and detect accounts that are compromised under your company's domain.
HENNGE Cloud Protection works with 3rd party databases to collate Email addresses, passwords, domains (company information), and other compromised information.
Detected information is categorized into the following four severity levels and listed on the portal site for administrators to be notified immediately.
Compromised Email Addresses (Severity level: Low)
It indicates that the Email address or/and the hashed indecipherable password data has been compromised or made public.
Compromised Email Addresses and Accounts (Severity level: Medium)
It indicates that the user has already reset the password after the Email address and plain text password data had been compromised or made public.
Compromised Email Addresses and Accounts (Severity level: High)
Email address and plain text password data has been compromised or made public.
Infected Users (Severity level: Critical)
It indicates that the device that the user used is infected with some malicious software.
Malicious software may be logging all keystrokes.
If the above situation is detected, we recommend to get the account back quickly by updating the password of the targeted account and/or improving security measures such as MFA.
It is possible to notify administrators or affected users of warning e-mails according to severity.
The warning e-mails are sent by default to the administrator and the affected user (for Severity: Medium and above).
Please refer to Modifying HENNGE Cloud Protection Policies for changing setup of notification.
Confirming Compromised Accounts
1. Access the following URL for the HENNGE Cloud Protection Admin Console.
If you want to know how to access the Admin Console, please refer to the following article.
Access HENNGE Cloud Protection Admin Console
2. Click on the [COLLABORATION PROTECTION] - [Compromised Accounts] from the left menu.
3. You can confirm the compromised accounts if they exist.
If there are compromised accounts, you can use the search tool at the top of the screen by inputting the domain name or Email Address and clicking [Refresh] to narrow down the compromised accounts information.