By Rajat Bhargava Posted May 6, 2015
Identities are one of the most sought-after corporate resources. Smart hackers know that they only need to get the right credentials and they will have access to the entire enterprise.
IT admins are at the center of this issue. They feel the pressure to ensure that their networks are secure and identities safe. In addition, because IT admins usually have tremendous privileges across the organization’s entire infrastructure, they are often the targets of hacks. So they have to be extra vigilant about their own credentials to prevent identity theft.
Even though it is a daunting challenge to protect identities, it doesn’t have to be a losing battle. There are techniques that IT admins can put into place to greatly enhance their security. Here are three different techniques that IT admins can put in place right away to cut their level of risk.
3 Techniques IT Admins Can Use to Stop Identity Theft
(1) Smart Password Management
Force your users to have better password management.
Users are going to generally take the path of least resistance, so up your game. Make your corporate passwords long. Research shows that the longer the better. Complexity is a nice add-on, but length is of primary importance.
Oh, and a side-benefit of long passwords: they are harder to remember and they will force your team to implement a password manager, which will drive more secure password usage.
Another tip while we are talking about password management is to force users to come up with different passwords often. Every 30 days they should be changing their password and you shouldn’t let them use previous passwords (say the last 5). This will automatically help make sure that their personal account passwords won’t match their corporate passwords. That’s important because when a site that your employees use personally is compromised, it could end up compromising your organization as well.
Make it harder for attackers to leverage the credentials that they have for your network. JumpCloud’s Directory-as-a-Service® solution can help you address this by giving you the tools to require strong passwords, regularly rotated across your enterprise.
(2) Don’t Run Multiple Directories
It’s easy to have multiple directories littered all over your organization. You might have one for your on-premises equipment, but then another for your cloud infrastructure. Maybe you have several others for applications that you employ either on-premises or in the cloud.
That’s okay. Just realize that every time you create another set of user credentials somewhere, you are creating yet another directory.
When an employee leaves the organization, that means you need to backtrack and delete the user from every place where you gave them access. As you start having multiple places to delete from, the chances of a missed entry or mistake increase. The upshot: a user could still have access to critical resources well after they have been terminated.
That’s a risk that you don’t want. Luckily it can be easily solved. Implement a central directory service like JumpCloud and you’ll eliminate all of those extra directories. Provision and de-provision access from one location easily and simply.
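The missed-entry risk described above can be checked for directly. The following is an added example, not code from the original post or from JumpCloud: it reconciles account exports from several directories against an HR termination list and reports accounts that are still enabled. The directory names, record fields, mail domain and all sample data are constructed assumptions.

```python
from datetime import date

# Constructed sample exports, one list per directory (all names hypothetical).
DIRECTORIES = {
    "on_prem_ldap": [
        {"login": "asmith", "email": "asmith@example.com", "enabled": False},
        {"login": "bjones", "email": "bjones@example.com", "enabled": True},
    ],
    "cloud_iam": [
        {"login": "ASmith@Example.com", "email": "", "enabled": True},
        {"login": "cdoe@example.com", "email": "", "enabled": True},
    ],
    "wiki_app": [
        {"login": "alice.smith", "email": "ASMITH@example.com ", "enabled": True},
        {"login": "bjones", "email": "", "enabled": True},
    ],
}
# Constructed HR feed: canonical email -> termination date.
TERMINATED = {"asmith@example.com": date(2015, 4, 30)}
MAIL_DOMAIN = "example.com"  # assumption: a single corporate mail domain


def canonical_id(account, domain=MAIL_DOMAIN):
    """Map a directory-specific record to one identity key (lower-cased email)."""
    for value in (account.get("email", ""), account.get("login", "")):
        value = value.strip().lower()
        if "@" in value:
            return value
    # Bare login with no email on record: assume login@domain.
    return f"{account['login'].strip().lower()}@{domain}"


def find_orphaned_accounts(directories, terminated, today):
    """Return (directory, login, days_since_termination) for each still-enabled
    account whose owner has left, longest-lived first."""
    findings = []
    for name, accounts in directories.items():
        for account in accounts:
            left_on = terminated.get(canonical_id(account))
            if left_on is not None and left_on <= today and account["enabled"]:
                findings.append((name, account["login"], (today - left_on).days))
    return sorted(findings, key=lambda f: (-f[2], f[0], f[1]))


if __name__ == "__main__":
    for directory, login, days in find_orphaned_accounts(
            DIRECTORIES, TERMINATED, date(2015, 5, 6)):
        print(f"{directory}: '{login}' still enabled {days} days after termination")
```

Note that the same person appears under three different login formats; without normalizing to one identity key, the cloud and wiki accounts would be missed even though the on-premises account was correctly disabled.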
(3) Enable Multi-Factor Authentication Everywhere You Can
Keeping passwords safe is critical for security, but you needn’t rely on passwords alone. Today, you have any number of options to add a second factor of authentication to enable access. One of the most common methods is authentication through a code that is sent to your phone.
This is a huge step up in security. It forces a would-be attacker to not only have your credentials, but to also have your phone. That’s not likely. If your phone is stolen, you can deactivate things as well so it becomes a trigger to further lock down your accounts.
Often when passwords are stolen, the theft isn’t noticed until much later. Adding MFA to a device or application means that you have seriously stepped up your protection.
Stop Identity Theft with JumpCloud
Stealing corporate identities is one of the scariest risks that a business can face. Just look at Sony, Target, eBay, and the many, many other companies that have faced corporate identity theft.
It doesn’t have to be an uphill climb for IT. There are things that you can do right now to level up your security and make it so that it is exponentially harder for an attacker to gain your users’ credentials. Follow the three steps above and you’ll be making significant progress.
Reach out to us, and find out how we can help!