8 tips for keeping your data safe with Identity and Access Management

With the proliferation of cloud applications, IAM solutions are a necessity.

Identity and Access Management
Thinkstock

Safe and sound

New web applications are making their way into the workplace at an unprecedented rate. By 2017, enterprises are projected to rely on an average of 52 cloud applications at work, leaving employees with a pool of credentials to keep track of. If you don’t take the necessary precautions to keep your credentials secure, your accounts and data are at risk of being compromised. With these tips for good password hygiene and deploying an identity and access management (IAM) solution, you can keep your data safe from the rapidly evolving threat landscape. Richard Walters, senior vice president of security products at Intermedia, offers these tips.

Educate employees on good password management

Educate employees on good password management

While having the same password for all accounts is convenient, it is a surefire way of compromising confidential information. One lost or stolen employee password leaves your organization subject to unauthorized access to data stored in multiple applications, magnifying the damage. Utilizing an IAM solution that automatically creates strong and unique passwords for every account will keep your company and employees’ information safe.

3 solution

Get a robust IAM solution

Make a case for your business to adopt an IAM solution to secure user access to web applications. IAM allows users to access all of their web applications in one place without having to remember the passwords for each and every login.

Identity and Access Management

Get total visibility for audit and compliance

Increase your company’s visibility into user interactions by utilizing an IAM solution that provides audit trails of all user interaction with web applications – from login to logout and everything in between. This allows you to see if your users are adhering to policy or if further controls are needed.

Regular account audits

Regular account audits

All accounts, whether they are individual user accounts or shared accounts (such as the corporate Twitter account shared across the marketing team), should be regularly audited for suspicious activity.

 Add a layer of authentication

Add a layer of authentication

Two-factor authentication generates and sends a unique verification code or push notification to the user after the username and password have been entered as an added layer of protection. This additional authentication prevents someone from accessing your accounts solely with credentials.

Identity and Access Management

Balance trust and risk with context-based authentication

Businesses can enforce simple policies that maintain control over web application access, without impacting productivity and user experience. For sensitive web applications, access can be restricted to trusted locations and/or trusted devices. Ensuring users meet certain contextual requirements at the point an access request is made significantly reduces risk.

Identity and Access Management

Make it easy to add or revoke access

In many companies, IT has to scramble to revoke a departing employee’s access to web apps – and, sometimes, web applications can slip through the cracks. A recent survey found that 57 percent of respondents in the tech industry admitted to accessing, downloading, sharing, deleting or altering company information after leaving a job. Businesses have to stop this from happening. Having the ability to revoke access to all web applications with a single click is a key to helping to ensure that departing employees can’t continue to access enterprise data.

Access control
Thinkstock

Access control

Application shaping gives IT complete control over what each employee or group of employees can see and do within web applications. You can redact or mask data for certain employees, as well as disable or remove specific functions – such as export, share and download. By removing high-risk features, companies can increase security significantly.

RELATED: The CSO identity management survival guide