No matter how secure you make your IT, you still have to rely, to some extent, on users to handle their access responsibly and safely. Every identity is a possible point of failure — but this doesn’t mean you have to accept these failures. It just means you need a good Identity and Access Management (IAM) plan.
Have a Strong Password Policy
Having a strong password is advice repeated all the time, but the fact is it still needs to be. Simple, easily guessable passwords still top the lists of most common passwords — “123456”, “qwerty”, etc. Users may not be aware that many other common password patterns are just as easy to crack, and they may reuse the same password across multiple services.
Enforce password best practices in your organization. Mandate an appropriate level of complexity and emphasize the importance of keeping passwords secure.
Give Only Appropriate Permissions
There are times when it’s tempting to take a shortcut and give an identity a higher access level than it needs, just to be sure it can reach what it’s actually supposed to. But this is risky. Even if you’re certain there’s no chance of an insider threat, you expose yourself to more damage than necessary should the identity be compromised.
Wherever Possible, Audit Identity Activities
Should something go wrong, you need to know where and why, both so you can halt an ongoing breach and so you can protect yourself from a repeat. By auditing your accounts and knowing what your identities are up to, you’ll be able to pinpoint the issue and take action.
If you’re using Microsoft 365, this is simple. Just go to your Security & Compliance Centre, go to Search & Investigation > Audit log search, and click Start recording user and admin activities. You can also turn on auditing for Exchange Online events.
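The same steps from Exchange Online PowerShell, as an added example that is not part of the original post: it switches on unified audit log recording if it is off, enables mailbox auditing, and then pulls a week of sign-in events for one identity and summarises where they came from. It assumes the ExchangeOnlineManagement module is installed and that the signed-in admin holds an audit-log role; the user principal name is a constructed placeholder.

```powershell
# Added example, not from the original post. Placeholder UPN; replace with a real one.
$targetUser = 'alice@contoso.example'

Connect-ExchangeOnline

# Equivalent of "Start recording user and admin activities" in the portal:
# only flip the switch if the unified audit log is not already ingesting.
if (-not (Get-AdminAuditLogConfig).UnifiedAuditLogIngestionEnabled) {
    Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true
}

# Make sure Exchange Online mailbox auditing is not disabled at the org level.
Set-OrganizationConfig -AuditDisabled $false

# Last 7 days of sign-in records for the user. A single call returns at most
# 5000 records; use -SessionId/-SessionCommand to page through larger windows.
$records = Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-7) `
                                  -EndDate (Get-Date) `
                                  -UserIds $targetUser `
                                  -Operations UserLoggedIn `
                                  -ResultSize 5000

# AuditData is a JSON string; expand it into objects we can group on.
$events = $records | ForEach-Object { $_.AuditData | ConvertFrom-Json }

# Where did this identity sign in from, and did it succeed? A source address
# the user never works from, or a burst of failures, is what to investigate first.
$events |
    Group-Object ClientIP, ResultStatus |
    Sort-Object Count -Descending |
    Select-Object Name, Count |
    Format-Table -AutoSize
```

Audit records only exist for activity after recording was switched on, so enabling this before an incident, not during one, is the point of the section.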
Make Use of Multi-factor Authentication
Worried about password security? Multi-factor authentication lets you require multiple levels of verification that the right person is attempting to access the account.
In Microsoft 365, you can go to the Access Admin Center, Active Users, and set it up from there so that users logging in to Microsoft 365 must also verify through an SMS code.
You now have assurance that even if somebody has stolen the password, they would still need access to the phone number associated with it to gain access to the account.
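The post describes turning on MFA per user from the admin center. As an added example that is not part of the original post, the same requirement can be applied tenant-wide as a Conditional Access policy through the Microsoft Graph PowerShell SDK. It is created in report-only mode first, so sign-in logs show who would have been challenged before anyone is locked out. This assumes the Microsoft.Graph module is installed, the tenant is licensed for Conditional Access, the admin holds a role allowed to manage it, and the emergency-access account object id below is a constructed placeholder.

```powershell
# Added example, not from the original post. Placeholder object id of an
# emergency-access ("break glass") account that must never be MFA-locked.
$breakGlassId = '00000000-0000-0000-0000-000000000000'

Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

# Policy body follows the Graph conditionalAccessPolicy resource shape.
$policy = @{
    displayName = 'Require MFA for all users (report-only)'
    # Report-only: evaluated and logged, but not enforced yet.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            includeUsers = @('All')
            excludeUsers = @($breakGlassId)
        }
        applications = @{
            includeApplications = @('All')
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State

# Once the report-only results look right, enforce it:
# Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id -State 'enabled'
```

Excluding a single emergency-access account is deliberate: if the MFA provider or a user's phone number is unavailable, an administrator still needs one way in that does not depend on the second factor.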
Make it Easy to Disable Identities
Should an identity become compromised, disabling it quickly to limit the damage is important. If you’re scrambling to revoke access in multiple locations and aren’t sure what to do, rather than being able to freeze it immediately from one place, you’re giving the intruder more time. Worse, you risk missing something and allowing them continued access to those corners of your system.
Know what to do — and know that you can do it with a handful of clicks — and be ready.
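One way to make the "handful of clicks" a single command, as an added example that is not part of the original post: a function that freezes a Microsoft 365 identity in one place by blocking sign-in, invalidating sessions that already hold tokens, and writing a record for the incident timeline. It assumes the Microsoft.Graph module and an account with the listed scopes; the user principal name, ticket reference and log path are constructed placeholders.

```powershell
# Added example, not from the original post.
function Disable-CompromisedIdentity {
    param(
        [Parameter(Mandatory)] [string] $UserPrincipalName,
        [string] $Reason = 'Suspected compromise'
    )

    $user = Get-MgUser -UserId $UserPrincipalName -Property Id, UserPrincipalName, AccountEnabled
    if (-not $user) { throw "User $UserPrincipalName not found" }

    # 1. Block new sign-ins immediately.
    Update-MgUser -UserId $user.Id -AccountEnabled:$false

    # 2. Disabling alone does not end sessions that already hold tokens, so
    #    revoke refresh tokens; existing clients must re-authenticate and will fail.
    Revoke-MgUserSignInSession -UserId $user.Id | Out-Null

    # 3. Return a record of what was done, by whom, and when (UTC).
    [pscustomobject]@{
        User            = $user.UserPrincipalName
        ObjectId        = $user.Id
        DisabledAtUtc   = (Get-Date).ToUniversalTime().ToString('o')
        SessionsRevoked = $true
        Reason          = $Reason
        Operator        = (Get-MgContext).Account
    }
}

Connect-MgGraph -Scopes 'User.ReadWrite.All', 'User.RevokeSessions.All'

# Placeholder UPN, ticket reference and log path.
Disable-CompromisedIdentity -UserPrincipalName 'alice@contoso.example' `
                            -Reason 'Phishing report, ticket id placeholder' |
    Tee-Object -FilePath 'C:\IR\disabled-accounts.log' -Append
```

This covers the cloud identity only; access the same person holds in on-premises directories or other SaaS tools still has to be revoked there, which is exactly the "multiple locations" problem the section warns about and the reason to know those places in advance.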
Have an Efficient Identity and Access Management Solution
Frustration can drive users to search for workarounds. If your IAM approach results in them sharing passwords rather than waiting for the Help Desk to fix a password reset issue, or has them using insecure cloud services because they’re having trouble with the sanctioned software, you’re undermining your security.
Ensure your IAM approach empowers by allowing things such as self-service password resets to let users get back to work properly, quickly. Understand where IT may be holding people back and find solutions.
If you want more great tips like these and need a little help configuring your IT for maximum security, check out our new eBook, Secure Business Guide: Meeting the IT Security Challenge. Whether you need a refresher or a starting point, it’s a fantastic way of getting a security boost for businesses of any size.
The challenges never end for CSOs. But if you're looking at anything from a quick security consult to a full scale cybersecurity solution deployment, start here.