A decade ago very few were talking about identity security, but today, identities are the number one attack vector used to compromise networks. Not only have data breaches exposed 446 million records in just the last year, but 92% of organizations also have credentials for sale on the Dark Web. So, the growing concern over securing identities is warranted. If you’ve been wondering how to protect against this attack vector, continue reading this introduction to identity security to learn how IT organizations and MSPs can attack this problem.
The Art of Identity Security
Getting a handle on identity security doesn’t have to be difficult. In fact, it is as simple as knowing your enemy and maintaining control over your IT environment (aka knowing yourself). As Sun Tzu put it, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” ― The Art of War
Know Your Enemy
Today, attackers are no longer focusing their efforts on cracking all of the incredible security technology that the tech industry has been building. Instead, they’ve realized it is much easier and faster to simply compromise the right set of credentials. In other words, they aim to get their hands on a username and password that will allow them to log in directly to the network, applications, systems, and other IT resources as that person. After all, why climb in through the chimney if you can just walk in using a key to unlock the front door? Once a hacker gets their hands on the right identity, there is virtually no limit to what can be done. Consider reading “Down to the Wire” in the 2017 Verizon Data Breach Digest for an idea of just how creative an attacker can be with a set of credentials.
Now that you know what they’re after and why, what kind of attacks do hackers employ to get these credentials? The mechanisms that these attackers use range from phishing emails all the way to sophisticated social engineering. Regardless of the method, the goal is the same: obtain a user’s credentials.
In addition to understanding the enemy, you also have to know yourself. In this context, what we mean by that is having centralized control over users and their access to all of the IT resources in your environment. When an IT organization has precise control over their IT environment, they can ensure only the right people have access to the right tools. They can also enforce best security practices and know they are being enforced across all users and across all IT resources. Said another way, you can’t defend what you aren’t aware of, so maintaining control is crucial in working to keep the bad guys out.
So how should this knowledge inform an identity security strategy?
How to Protect Identities
Well, smart IT admins and MSPs are making it their business to develop a layered approach to identity security that involves security awareness training and the right tools. They are turning to security awareness training to teach end users about the enemy and what kinds of attacks they employ. End users are essentially the last line of defense in guarding credentials, so they need to be able to identify attacks like phishing and have an understanding as to why certain security measures are important.
In addition to education, IT organizations and MSPs are also turning to next-generation cloud directory services. This modern take on identity management enables them to centralize user management across virtually all of their IT resources regardless of protocol, platform, provider, and location. This makes it easy to accurately know who has access to what, and what is being used in an organization. As a result, sysadmins can holistically defend their environment.
Additionally, as the core identity provider for an organization’s user base, a cloud directory service is an ideal place to level up identity security because it offers the following features: setting and managing password complexity, using and managing SSH keys, enforcing multi-factor authentication (MFA or 2FA) wherever possible, and more. These tactics can significantly increase the work that an attacker would need to do to be able to compromise a user’s identity. Couple that with strong security training, and organizations can reduce the risk of an identity compromise.
Ready to go beyond an introduction to identity security? Consider reading this in-depth article on why it’s time to take identity security seriously. Ready to take action? Start securing identities today by signing up for a free account with JumpCloud® Directory-as-a-Service®. Your first ten users are on us forever, and you’ll have full access to all of JumpCloud’s features. If you have questions along the way, drop us a note, browse our Knowledge Base, or view one of our Video Tutorials.