Businesses have had to cope with an increasing number of cyberattacks in recent months, bringing cybersecurity and data loss prevention solutions into the spotlight. In a blog post written last week, Microsoft partner and CGI vice president of global cybersecurity John Proctor expressed the need for companies to employ identity and access management techniques. IAM allows for enterprises to keep better track of who is accessing important business information and grant system permissions on a more discerning basis.
“Allowing users to login simply with a username and password is a grave error, as attackers are finding it increasingly easy to crack passwords of all types,” wrote Proctor. “Frankly, the password is dead.”
Moving to Multifactor Authentication
Multifactor authentication for enterprise networks is an important step that helps to ensure only approved parties are accessing information. Three factor programs are of particular use to government agencies and companies that deal with high-volumes of sensitive data. Proctor suggests using three factor authentication that incorporates something you have, such as a physical key card or token that is plugged in to the device to prove identity, something you know, such as a password or answer to a question, and something you are, a biometric measure such as a fingerprint or retina scan.
Logins that require smart cards allow for stronger IAM, and card-based solutions for laptop and desktop computers supported by Microsoft Windows and Microsoft Active Directory are already available. Biometric-based multifactor authentication is an easy way for companies to make BYOD practices safer. Employees can have a fingerprint scan login installed on their personal device by an organization’s IT department, allowing for better protection of sensitive work information.
Implementing encrypted email signatures is another IAM technique that can help to protect companies. An encrypted signature can be added to all business communications, creating an audit trail that can be followed in case of any issues, making it easier to discover where the problem occurred.
Growing Need For IT Security Skills
Individuals with the expertise and skills to implement these new types of security features are increasingly in demand with companies hoping to fight off a devastating data breach. IT professionals hoping to add to existing knowledge can take security training courses at computer learning centers and take courses for Microsoft exams or CCNA security training. There has never been a better time to begin an education in cybersecurity, as the demand in the business world will only continue to grow. Learn more about the growing need for IT security professionals in our last post.