Securing identities in today’s modern, cloud-forward organization can be a significant challenge. Users have more accounts than ever, and many of those accounts are personal. The best Identity-as-a-Service platforms can only take you so far. At some point, you need your end users to help you protect your company and their identities. The good news is that it is possible to teach your employees how to be more security conscious. The bad news is that it takes work on your part.
Supporting Your Efforts in Securing Identities
Some of the key points to take away for your workforce are as follows:
Add Multi-Factor Authentication To Email And Systems
If somebody gets hold of your machine or your email, you are in trouble. Either one can be a conduit to just about all of your online accounts. These should be the most protected digital assets that you have. Hackers are remarkably smart. If they can pop your end user’s Google Apps account, for example, they likely have the keys to your electronic kingdom.
Use A Password Manager To Build Unique, Long Passwords
Encourage your users to leverage a password manager. It will help them avoid the need to come up with long passwords on their own. If they do need to generate passwords themselves, encourage them to use long passwords. More than any other method, the length of a password determines its ability to be hacked. Longer is better.
Never Share Or Write Down Passwords
Emphasize to your team that sharing passwords or writing them down are complete and absolute no-nos. The temptations are high to share a password with a colleague instead of getting a separate account provisioned. When passwords get too long and complicated, it becomes easier to write them down. This, too, is a mistake. Work with your team to reduce the friction of generating the accounts that they need as well as the tools that they need to manage their passwords.
Limit Social Media Sharing
While it is extremely difficult to ask your team to control their social media sharing, you can encourage some common sense behavior. First of all, they should check their privacy controls. Many social media sites are completely open to the public. If possible, limiting the exposure to a smaller group is helpful. Next, enabling stronger security controls such as two-factor authentication is also helpful. Finally, passwords on social media accounts should most definitely be unique and different from those in use on other IT resources.
Enforcing Identity Management Security
Training your team can be one of the most effective ways to reduce the risk of a security breach. It’s best when this is done in conjunction with identity management tools. For example, teaching your team to use MFA for Google Apps is powerful. Then, enforcing it through GApps ensures that it is put into practices and leveraged. There are a number of excellent Identity-as-a-Service platforms that can support you as your train and enforce identity management security.
JumpCloud’s Directory-as-a-Service® is supporting IT’s efforts to secure identities. To learn more about how JumpCloud’s cloud-hosted directory can help you secure your organization, drop us a note. Feel free to try our Directory-as-a-Service platform for yourself. Your first 10 users are free forever.