Compromised user credentials can put your business at risk.
Is digital identity management a priority for your tech team?
Modern IT environments are becoming increasingly complicated. Cybercriminals are finding new and sophisticated ways to cause harm. It’s never been more important for businesses to manage user identity and user access. And many cybersecurity experts agree that usernames and passwords, however strong, are not guaranteed to keep out the crooks.
Alex Weinert (group programme manager for identity security and protection at Microsoft) spoke about the prevalence of breach replay attacks (trying stolen passwords from other sites), password spraying (trying common passwords against known account lists), and phishing (tricking users into revealing passwords) at the Microsoft Ignite event in 2017. He stressed that password information was the common denominator.
And there’s a reason why… As humans, we’re often predictable. And lazy. How many logins do you have for your various web tools at work? Five? Ten? Are you using a unique password for each one? Or your favourite, easy-to-remember term? Or whatever’s literally at your fingertips? Some of the most common passwords are collections of letters or numbers found on a typical keyboard. It’s not a safe practice, but it’s happening all over.
SplashData compiled a list of the world’s worst passwords after reviewing the five million that were leaked last year. The number string 123456 took the top spot, with four variations (12345678, 12345, 123456789 and 1234567) in the top 10 alone. Other popular choices included password (sometimes a default setting left unchanged) and qwerty (a letter string from the top row on a keyboard). Such evidence certainly makes it easier to understand how hackers are exploiting human nature for their own gain.
The risks are real
Cybercrime reportedly cost the world $600-billion last year, and the evolving threat landscape has prompted cybersecurity experts to re-examine digital identity management.
How many of your digital accounts require something over and above your username and password? Do you access secure files and folders with a one-time password delivered via text message? Do you unlock your office laptop with a fingerprint or iris scan?
From multi-factor authentication to biometric identification, your digital identity is being defined and regulated to give you the right access to the right assets at the right time.
Why is digital identity management important?
The management of an individual’s digital identity is particularly necessary in the business environment, where it’s crucial to govern both users and their degree of access to networks, applications, and sensitive data. Your IT personnel must be able to maintain, modify, and monitor all users, their profiles, and their access permissions (or restrictions) from the moment they join your organisation until the day they depart permanently.
Existing digital identity and access management systems give IT administrators the tools and technologies they need to create user identities, assign user roles, grant (or revoke) user privileges, and track user activities – continuously, from a central dashboard. And if you think about the way we work today, you’ll start to appreciate the indispensability of these controls.
How many of your employees use in-house software to perform their daily duties? How many of them use cloud-based applications? Do they use corporate hardware (like desktop computers) or their own devices (like laptops and smartphones)? Do they use secure internet connections, or public Wi-Fi? Are you confident that the identity and access protocols you have in place will safeguard the integrity of your company’s most important information assets?
Strengthen your identity infrastructure
A simple, scalable identity management system should be a core component of your security architecture.
If you’re concerned about password breaches, network vulnerability, or the growing risk of cybercrime, talk to us about an audit or in-depth assessment today. We have offices in Cape Town, Durban and Johannesburg.