Identity Management Day has come and gone, but there is still much to reflect on when it comes to how companies and consumers can protect their digital identities and ensure that data remains secure. In this article, Anurag Kahol, CTO, Bitglass, discusses password risks, regulatory compliance, and identity and access management (IAM) best practices.
In today’s connected world, every user and entity has a unique digital identity based upon their online presence. This may include social media activity, healthcare and financial records, demographics, login credentials, web history, and more. Like any physical form of identification, digital identities must be protected at all costs to prevent identity theft or fraud.Â
Unfortunately, the massive influx of data on the web has made this increasingly difficult. The acceleration of digital transformation efforts this past year also introduced new opportunities for sophisticated threat actors. As technology continues to advance, securing sensitive data must be a top priority for organizations.
Learn More:Â The Current State of MFA and Why You Might Not Be As Protected As You Think
Passwords Are a Continuous Risk
Early last year, Marriott suffered a data breach after a threat actor hacked into two employee accounts and accessed the personally identifiable information (PII) of 5.2 million hotel guests. This data breach stands amongst countless other security incidents that were a result of account compromise. In fact, more than 80%Opens a new window of hacking-related breaches are tied to misplaced or stolen credentials. Enforcing regular password resets may seem like the ideal solution to the problem, but this would only serve as a temporary fix as users would likely use their new passwords across other accounts.Â
Password reuse has become common malpractice as memorizing numerous, complex passwords is both difficult and inconvenient. Stronger authentication controls can help organizations keep sensitive data secure and therefore maintain compliance with increasing regulations.
Data Privacy Regulations Are Here To Stay
For companies like Marriott that collect and store massive amounts of customer information, data security and brand reputation are interrelated. Every business carries a responsibility to its customers to protect their data, whether it is to gain their trust or remain compliant with regulations. Some privacy laws like the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have been in place for some time now. Others that were recently passed include the California Privacy Rights Act (CPRA), an extension of CCPA, and the Virginia Consumer Data Privacy Act (VCDPA) that passed in March of this year. There has also been recent discourse about a national privacy law in the United States that would hold all states equally accountable for the misuse of consumer data. There will undoubtedly be more regulations implemented to address data privacy issues.Â
The implementation and discussion of new laws highlight the ongoing data privacy dilemma. Enterprises that fail to comply with these regulations can face steep fines and could even risk losing their businesses forever.
Learn More: How To Stop the Credential Theft Problem: A Comprehensive Approach
Best Practices for Identity and Access Management
To keep up with the evolving security landscape, consumers and businesses must work together to ensure that corporate and personal data remains secure. Passwords, no matter the size, complexity, or uniqueness, will always pose a risk. Companies must rethink their cybersecurity strategies to efficiently mitigate threats and stay in line with data privacy regulations while streamlining the entire login process.Â
Here are some identity and access management (IAM) tips to ensure employee and customer identities are properly verified.
1. Enable multi-factor authentication (MFA) and single sign-on (SSO)
Memorizing dozens of long passwords is an impractical task. Fortunately, solutions exist today to reduce the risk of account compromise while enabling a seamless login experience for users. MFA enables an added layer of security. For example, through an SMS token sent via text message or through a third-party app like Google Authenticator. Without a second form of authentication, the user will not be verified and will not be granted access to the account. Through SSO, users can access a variety of independent cloud resources by logging into a single portal.
2. Know your users
To confirm if a user is truly who they claim to be online, it is critical that organizations continuously monitor their employees’ network activity and behavior to detect any abnormalities. For instance, if an employee signs in at 9 a.m. every Monday through Friday from their home IP address, but suddenly logs in at 10 p.m. on a Saturday night from a different location, this behavior would be deemed suspicious. Through context-based, step-up authentication, organizations can confirm users’ identities as needed depending on their locations, devices, and day-to-day activities. This will also give companies greater security for data access no matter where it occurs.
3. Stay informed
Even with all of the right solutions in place, a security strategy is incomplete without educational resources. Companies must enforce cybersecurity training programs for all employees to inform them about rising threats, and teach them how to effectively manage their data and safeguard their digital identities (as well as those of their customers, by extension).
With the above considerations in mind, organizations can proactively defend against unauthorized access and protect all sensitive data stored across their modern IT ecosystems. Beyond company policies, consumers must take it upon themselves to stay updated on the latest identity management trends and cyber risks. Now that our daily lives revolve around the internet, identity management awareness has never been more critical.
Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!