As National Cybersecurity Awareness Month ends today, Centrify reminds businesses to implement cybersecurity best practices
Centrify, the leader in securing enterprise identities against cyberthreats, today shared seven tips for enterprises to effectively combat cybercrime. Employee training and cyber awareness, combined with a solid defence strategy and best-in-class cybersecurity tools and software, are essential to reducing the risks of data breaches.
In the modern age, cyber safety is just as important as physical safety. It’s time for every organisation to get proactive with cybersecurity, because every organisation is vulnerable to attack. Cyber risk is present at every level in every company from the break room to the board room. And according to Ponemon’s 2016 Cost of Data Breach Study, the average cost of a data breach is $4 million.
Below are a few best practices for enterprises to effectively combat cybercrime, while reducing IT security budgets:
- Consolidate identities: Sixty-three percent of data breaches involve weak, default or stolen passwords, according to Verizon’s 2016 Data Breach Investigation Report. It’s critical to develop a holistic view of all users and strengthen and enforce password policy, or eliminate passwords, where possible.
- Audit third party risk: Outsourced IT and third party vendors are a preferred route for hackers to access corporate networks. Conduct audits and assessments to evaluate the security and privacy practices of third parties.
- Implement multi-factor authentication (MFA) everywhere: MFA, including third parties and the VPN that adapts to user behaviour, is widely acknowledged as one of the most effective measures to prevent threat actors from gaining access to the network and navigating to target systems.
- Enable single-sign-on (SSO): SSO to enterprise and cloud apps, combined with automated cloud application provisioning and self-service password resets, cuts help-desk time and cost, and improves user efficiency.
- Enforce least-privilege access: Role-based-access, least-privilege and just-in-time privilege approval approaches protect high value accounts, while reducing the likelihood of data loss from malicious insiders.
- Govern privileged sessions: Logging and monitoring of all privileged user commands makes compliance reporting a trivial matter and enables forensic investigation to conduct root cause analysis.
- Protect the inside network: Network segmentation, isolation of highly sensitive data and encryption of data at rest and in motion provide strong protection from malicious insiders and persistent hackers once inside the firewall.
“There is no magic answer to defeating cyberthreats, but with the right strategy, strong security policy and active engagement of all employees, the risk of a cyberattack can be drastically reduced” said Bill Mann, Chief Product Officer at Centrify. “By following the above steps, organizations can reduce cyber risk, improve corporate compliance and gain cost efficiencies.”