Securing Identities – Training Your Workforce In 2016

By Rajat Bhargava Posted September 26, 2016

Securing identities in today’s modern, cloud-forward organization can be a significant challenge. Users have more accounts than ever, and many of those accounts are personal. The best Identity-as-a-Service platforms can only take you so far. At some point, you need your end users to help you protect your company and their identities. The good news is that it is possible to teach your employees how to be more security conscious. The bad news is that it takes work on your part.

Supporting Your Efforts in Securing Identities

Hopefully, JumpCloud® can help, though. We recently held a webinar teaching our fellow IT admins on how to train the workforce around security. You can watch the webinar below:

Some of the key points to take away for your workforce are as follows:

Add Multi-Factor Authentication To Email And Systems

icon-password-complexity-management-12987c580b493c5b6ee67c7ad3a0600c

If somebody gets hold of your machine or your email, you are in trouble. Either one can be a conduit to just about all of your online accounts. These should be the most protected digital assets that you have. Hackers are remarkably smart. If they can pop your end user’s Google Apps account, for example, they likely have the keys to your electronic kingdom.

Use A Password Manager To Build Unique, Long Passwords

SSO Logo

Encourage your users to leverage a password manager. It will help them avoid the need to come up with long passwords on their own. If they do need to generate passwords themselves, encourage them to use long passwords. More than any other method, the length of a password determines its ability to be hacked. Longer is better.

Never Share Or Write Down Passwords

icon-user-management-83d64dab58eb075b359f6127d7e84ae5 (1)

Emphasize to your team that sharing passwords or writing them down are complete and absolute no-nos. The temptations are high to share a password with a colleague instead of getting a separate account provisioned. When passwords get too long and complicated, it becomes easier to write them down. This, too, is a mistake. Work with your team to reduce the friction of generating the accounts that they need as well as the tools that they need to manage their passwords.

Limit Social Media Sharing

social-media-share

While it is extremely difficult to ask your team to control their social media sharing, you can encourage some common sense behavior. First of all, they should check their privacy controls. Many social media sites are completely open to the public. If possible, limiting the exposure to a smaller group is helpful. Next, enabling stronger security controls such as two-factor authentication is also helpful. Finally, passwords on social media accounts should most definitely be unique and different from those in use on other IT resources.

Enforcing Identity Management Security

Explainer Guy JumpCloud DaaS

Training your team can be one of the most effective ways to reduce the risk of a security breach. It’s best when this is done in conjunction with identity management tools. For example, teaching your team to use MFA for Google Apps is powerful. Then, enforcing it through GApps ensures that it is put into practices and leveraged. There are a number of excellent Identity-as-a-Service platforms that can support you as your train and enforce identity management security.

JumpCloud’s Directory-as-a-Service® is supporting IT’s efforts to secure identities. To learn more about how JumpCloud’s cloud-hosted directory can help you secure your organization, drop us a note. Feel free to try our Directory-as-a-Service platform for yourself. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts