Seven ways identity and access management can take the edge off data risk

02 Nov 17

Data breach reporting regulations are becoming commonplace in many countries, including Australia, and as a result organisations need to increase their identity and access management (IAM) maturity.

According to Centrify, the risks arising from breaches and breach reporting can be reduced if organisations take action.

Reported data breaches could damage both shareholder and customer loyalty – you only need to look at how Verizon slashed its offer to acquire Yahoo.

“A breach can wipe out company value, as we saw it with Yahoo!’s acquisition price devaluation of $350 million after its data breaches were announced,” comments Centrify’s senior director of APAC sales, Niall King.

“A recent Ponemon research study found that stock prices fall an average of five per cent and customer churn can increase as much as seven per cent after a data breach is disclosed. The stakes for properly securing access to corporate resources and handling security incidents couldn’t be higher.”

Another study by Forrester Consulting found that two thirds of organisations have been breached in the last five years. Those without a mature IAM approach experienced twice as many breaches and around $5 million more in costs.

To help organisations improve their cybersecurity defences, Centrify outlines seven best practices:

- Consolidate identities: According to Verizon, 80 per cent of breaches are due to compromised credentials. It’s critical to develop a holistic view of all users and strengthen and enforce password policy, or eliminate passwords, where possible

- Enable Single Sign-On (SSO): Single Sign-On to enterprise and cloud apps, combined with automated cloud application provisioning and self-service password resets, cuts helpdesk time and cost, and improves user efficiency

- Implement Multi-Factor Authentication (MFA) everywhere: Multi-Factor Authentication that adapts to user behaviour, applied everywhere including third parties and the Virtual Private Network (VPN), is widely acknowledged as one of the most effective measures to prevent threat actors from gaining access to the network and navigating to target systems

- Audit third party risk: Outsourced IT and third party vendors are a preferred route for hackers to access corporate networks. Conduct audits and assessments to evaluate the security and privacy practices of third parties

- Enforce least-privilege access: Role-based access, least-privilege and just-in-time privilege approval approaches protect high-value accounts, while reducing the likelihood of data loss from malicious insiders

- Govern privileged sessions: Logging and monitoring of all privileged user commands makes compliance reporting a trivial matter and enables forensic investigation to conduct root cause analysis, and

- Protect the inside network: Network segmentation, isolation of highly sensitive data and encryption of data at rest and in motion provide strong protection from malicious insiders and persistent hackers once inside the firewall.
