Whether you’ve already taken steps to secure your data and networks or are still weighing up the best ways to bolster your defences, it’s important that you take the time to understand the areas that represent the biggest opportunities to make your business more robust. Here are our top 5 things to consider for better security and access management.
1: Check those back-door entry points
It can be tempting to focus your security attentions on your company’s most valuable assets and systems – your finance systems, current customer lists, and Intellectual property. After all, that’s the information that has value to hackers. To a point that makes sense, but it ignores the way in which hackers go about their activities. They don’t go straight in for the kill, they sniff out your weak points – often unprotected legacy apps, or third-party portals – that give them a way in and can move gradually through your network, slowly building their knowledge of your systems before reaching their objective. Appropriately applied Identity Access Management and Multifactor Authentication can not only stop that initial breach from occurring, but, in the event access is gained, prevent further movement through the network.
2: Ensure users have just the right access levels
It’s a depressing statistic, but, according to Verizon’s annual Data Breach Report, one of the most pervasive causes of data breach is privilege abuse by people from within your organisation, motivated by financial gain or for espionage (perhaps leaving the company for a new employer).
The sad fact is, not all employees can be trusted not to pry into areas they shouldn’t be, so measures need to be put in place to prevent the rogue element accessing data they shouldn’t. That needn’t mean subjecting every staff member to intrusive security measures but putting sensible access levels for different groups in place and monitoring adherence to those measures is a sensible and unobtrusive measure to take. An adaptive Multifactor Authentication solution can be a simple, effective means of managing and monitoring user access, allowing you to assign specific access levels to individuals or groups, update those levels in real-time and monitor failed and successful login attempts.
3: Protect all your networked user devices
The “network edge” that used to define the boundary wall between your business and the outside world is, frankly, a thing of the past. No longer will a simple firewall prevent external actors from accessing your systems. External software, infrastructure and devices are now very much welcomed into the fold, with employees coming to expect WiFi access in the office, BYOD devices straddling the line between personal and professional, and cloud hosted software hosting your accounts and your customer database.
That’s great for users, but a potential nightmare for those charged with keeping your data secure. Ensuring only the right devices have access to your network and only the right people have access to the right cloud applications – without making them jump through hoops – is critically important and needn’t be difficult. Cloud-based Multifactor Authentication does exactly that and does so seamlessly.
SecurAccess’s mobile app can be installed on any user’s device, irrespective of operating system or whether it’s company-owned or personal. It also integrates seamlessly with web apps, making logins to the likes of SalesForce or Office365 both intuitive and more secure.
4: Are you being sold gimmicks or true security?
Some security solution providers make some astonishing claims sorts of claims about their solutions, while others add exotic sounding features to gain some PR column inches. That can make it difficult to understand exactly what you need.
At SecurEnvoy, we like to focus on what really matters, and that’s ensuring our customers have robust, proven and frictionless multifactor authentication solutions that meet the highest standards set by international bodies and standards such as GDPR, PCI DSS, HIPAA, to name a few.
Check with your providers whether their solutions’ features are recognised by regulators, trade organisations and big businesses as offering the expected levels of security and compliance. You might be surprised which ones aren’t.
5: Does adding security mean increasing complexity for users?
When you’re really trying to tighten up your security – especially when up against time to meet regulatory deadlines, it can be easy to overlook the importance of minimising disruption to your users.
Many companies have found out the hard way that this is one compromise that can come back to bite you: If security measures add delays to their day-to-day tasks – for example by demanding multiple or complex passwords, or slowing down access to the information they need to do their jobs, users will naturally look for alternative methods of doing things -perhaps storing data on personal USB sticks, exporting information into unsecured areas, or re-using / sharing passwords. And if that happens, control over your data and systems security can be seriously compromised.
The best means of preventing this from happening is providing multifactor authentication and identity access management solutions that are as frictionless as possible and are able to adapt to user preferences. Users now expect to use mobile devices, and tools such as NFC, to access their personal information outside of the office, and this is now becoming the norm inside the office too.
With the right implementation, users can sign on to their machine once – using a mobile device as their secure authentication tool – and enjoy single-sign on access to all the tools and data they need. SecurEnvoy’s development philosophy can be summarised as “Authentication your way” – that means our focus is always on making your MFA solution as intuitive as possible for your end users, and that what our customers tell us makes the difference in user adoption.
If you need help understanding any of the above points in relation to your own MFA requirements, please get in touch with us at firstname.lastname@example.org or call +44 (0) 845 2600010