By Rajat Bhargava Posted April 25, 2017
Ensuring security of identities is more critical than ever. With over 7,000 identity breaches occurring since 2005 (idtheftcenter.org), there is no question that IT admins are searching for ways to protect their internal IT infrastructure. The number one attack vector has been the compromise of identities, so stepping up security is critical. Due to this threat, a new wave of cloud identity management security platforms is taking protection to the next level.
The concept behind cloud identity management security is to ensure that only the right people have the appropriate access to IT resources, including systems, applications, and networks. There are two major challenges that IT organizations face – ensuring that only the right people have the appropriate access, and that the granted access never falls into the wrong hands.
The Cloud Based Identity Management Solution
One solution to these challenges is a cloud identity management platform such as Directory-as-a-Service®. DaaS is a central database for user identities and authentication. User credentials are stored securely within the database and connected to IT resources, which can then be checked with the cloud directory service to ensure that the person should have access. By centrally managing access, IT admins can ensure that only the right users are able to access resources. It also allows for quick and easy revoking of access to a specific set of IT resources or to the entire user account. Controlling access to IT resources may be one of the most significant tasks that IT manages, and Directory-as-a-Service makes that task easier than ever.
The other part of the cloud identity management problem is ensuring users keep their credentials secure. Historically, end users have been lax with the security of their credentials. Often times, users will end up taking the easy path and choose easy passwords or even store them on sticky notes. They will often reuse passwords across both their personal and professional accounts. All of these practices increase the risk of a compromise.
Focusing on Identity Security
Cloud identity management platforms like JumpCloud’s can aid greatly in the battle to keep identities secure. With Directory-as-a-Service, the first measure of security taken is password hashing. The cloud directory system will store the identities as a one-way hash, instead of encrypting the password. This reduces the chance that a password can ever be reverse engineered.
Second, IT admins can enforce a number of password complexity standards to increase the strength of passwords and reduce the chances that employees will reuse a password. Directory-as-a-Service can also help manage SSH keys, encouraging users to leverage keys wherever possible.
A third key area is to utilize in JumpCloud’s cloud hosted directory is Multi-Factor Authentication (MFA). MFA is a dramatic step-up in security and should be utilized wherever possible. Being able to ensure that a user is who they say they are is a vital ability to have, and is why user authentication is a core part of the value of our cloud identity management platform. JumpCloud takes security very seriously.
Learn More About Cloud Identity Management Security
If you are concerned about the security of your identities, drop us a note. We’d be happy to talk about cloud identity management security, and what you can do to bolster the security of your IT infrastructure. We can also help you think about the best ways to train your employees to be vigilant as well. JumpCloud’s Directory-as-a-Service has a strong focus on your security, and you can try our cloud identity management platform for free to see for yourself. Sign-up for an account today and your first 10 users are free forever.