Businesses of all sizes are favourable targets for cybercriminals, and without the right security measures in place, your business could experience serious damage. Not all cybersecurity tactics need to be complicated. In fact, we’re sharing some best practices that can help your business prevent sophisticated attacks, starting with adopting an identity-centric approach to security.
Implement Multi-Factor Authentication (MFA)
Passwords are low-hanging fruit for hackers; they are hard for users to remember and for IT to secure. Requiring MFA is a critical security control that can reduce the risk of unauthorized access when passwords are stolen or compromised. There are several user authentication methods available for MFA — but not all MFA methods are equal. Using SMS or text messages as the authentication method for MFA is vulnerable to compromise as the one-time codes can be easily intercepted or phished using readily available online resources such as SS7 intercept services or Modlishka.
Mobile “push” notification is a more secure authentication method for MFA because it cannot be intercepted by hackers. A trusted MFA solution that offers this “push” notification to verify your identity is Cisco Duo.
Reduce Reliance on Passwords With Single Sign-On (SSO)
An average enterprise uses over 1,000 cloud apps today, and employees typically need to access more than 10 apps to perform their daily tasks. That’s too many passwords for humans to keep track of and results in password fatigue.
In the future, providing a passwordless authentication option wherever possible will mitigate many password‑related problems, but for now, implementing single sign-on (SSO) along with MFA is a great way to start the passwordless journey without compromising on security.
Maintain a Detailed Device Inventory
Many organizations are embracing varying levels of Bring Your Own Device (BYOD), and this trend has been exacerbated by the recent boom in remote work. BYOD enables employees to use multiple devices, including personal devices, for work. Multiple devices mean multiple operating systems and their versions. The right tool should help IT teams to maintain an up‑to‑date inventory of all devices and the associated users.
Verify Device Trust as Part of the Authentication Workflow
The authentication workflow must take into consideration the security status of the device used and grant access only if it meets the requirements set by the organization. Major operating systems regularly issue critical security patches that need to be installed. Verifying that updates are installed prior to granting access adds another layer of security. For critical internal systems, access must be granted only to company-managed devices. For hackers, this raises the bar that they need to clear in order to successfully gain access to internal systems.
Organizations can significantly reduce the risk of a targeted phishing attack by allowing access to internal systems only from managed devices and preventing access from risky or unknown devices, even when the user’s credentials are used. This helps combat the use of compromised credentials.
Enforce Adaptive Access Policies
Context is everything when it comes to securing access. Implement granular policies for each application when possible to provide the right level of access by taking into account the user’s role, location, network and trustworthiness of the device before granting application access.
Continuously Monitor for Unusual Login Activity
Leverage user behaviour analytics to flag and triage suspicious login activities such as access from a new location or a new device — which could be indicators of a potential breach. These alerts can be used to automatically block access, or generate a service-desk ticket for remediation or escalation.
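One way to implement the new-location and new-device flagging described above, as an added example rather than code from this article or from any vendor product. The event fields, the sample events and the mapping of findings to actions (one new attribute opens a ticket, two block) are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample login events (not real data), in time order.
EVENTS = [
    {"user": "alice", "country": "CA", "device": "laptop-01"},
    {"user": "alice", "country": "CA", "device": "laptop-01"},
    {"user": "alice", "country": "CA", "device": "phone-07"},    # new device
    {"user": "alice", "country": "RO", "device": "laptop-01"},   # new location
    {"user": "alice", "country": "BR", "device": "unknown-99"},  # both new
    {"user": "bob", "country": "US", "device": "laptop-02"},     # first login
]


def triage(events):
    """Return one (user, action, reasons) tuple per login event.

    Assumed policy: a user's first login seeds the baseline; one new
    attribute opens a service-desk ticket; a new location together with
    a new device blocks access.
    """
    seen_countries = defaultdict(set)
    seen_devices = defaultdict(set)
    results = []
    for ev in events:
        user = ev["user"]
        reasons = []
        # Without history there is nothing to compare against yet.
        if seen_countries[user]:
            if ev["country"] not in seen_countries[user]:
                reasons.append("new_location")
            if ev["device"] not in seen_devices[user]:
                reasons.append("new_device")
        action = ("allow", "ticket", "block")[len(reasons)]
        # Only allowed logins extend the baseline, so a ticketed or blocked
        # attempt never makes its own location or device "known".
        if action == "allow":
            seen_countries[user].add(ev["country"])
            seen_devices[user].add(ev["device"])
        results.append((user, action, reasons))
    return results


if __name__ == "__main__":
    for user, action, reasons in triage(EVENTS):
        print(f"{user:6} {action:6} {','.join(reasons) or '-'}")
```

In a real deployment the baseline would be extended only after the ticket is resolved, which this sketch leaves out.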
There’s No Silver Bullet for Security
Social engineering and spear phishing are successful because they exploit the human element of an organization’s security. There is no silver bullet for security, and cyber attacks are becoming increasingly common. Hence it is important to adopt and implement an “assume compromise” or zero-trust approach to security, in which credentials are assumed to be compromised and every access request needs to be authenticated with the appropriate level of security.
AlphaKOR can help you get started on improving your organization’s security posture. Contact us today!