Identity Management Day Resources
Identity Management Day is to educate business leaders, IT decision makers and the public on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technologies, with a special focus on the dangers of not properly securing identities and access credentials.
This annual awareness event is founded by the Identity Defined Security Alliance and supported by the National Cybersecurity Alliance.
Tips and Resources for Organizations
The mission of Identity Management Day is to educate business leaders and IT decision makers on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technology, with a special focus on the dangers of not properly securing identities and access credentials.
“Small businesses often struggle to develop and implement a plan for securing their identities due to a lack of time and resources,” said John Reade, Information Systems Director at Quanterion Solutions. “A strategy for securing digital identities may involve identification of the need; planning, developing, testing and implementing the response; and finally, monitoring and maintaining the procedures and any software used. Those steps can become overwhelming for small businesses with staff shortages, small budgets or limited time. However, securing identities can be tackled one project at a time.”
Small organizations can fill in the gaps with identity management best practices.
“Setting up multi-factor authentication, using password managers, creating processes for identity data management, and scheduling automatic updates are all a great place to start,” Reade said.
See below for resources organizations to manage and protect user identities.
Office 365: Worth the Switch for Identity Management?
If you are planning to migrate to Microsoft Office 365, chances are identity management is one of your top concerns as you prepare to move scores of users over into a new platform. This Identity Management Day, Quanterion analyzed Office 365’s basic identity management features to determine if the cloud subscription is more secure than its on-premise predecessor. Learn more about Office 365 and identity management.
What is Federated Identity Management?
Interested in improving your company’s identity management? If your company is large, you may want to consider federated identity management.
Learn what federated identity management is and how it may be beneficial to your organization.
Protect Your Business from Phishing Attacks
Phishing is the most common cybercrime of 2020, according to the FBI, placing organizations and individuals under an increased threat of stolen or compromised data, assets, identities and systems.
Although the threat landscape has worsened, the fact that businesses remain a target for scammers has not changed. Help your organization protect against phishing attacks with these tips.
How Businesses Can Put Privacy First
According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business. Learn from the National Cybersecurity Alliance how you can put privacy first in your organization.
Quanterion’s Commercial Cybersecurity Solutions
Quanterion offers assistance with managing user identities, and can help your organization determine the required level of protection for your system(s) and data. Risk assessments, compliance framework support, and assistance with security policies are examples of other cybersecurity services Quanterion can provide customized to your organization’s needs.
Learn more about Quanterion’s commercial cybersecurity solutions.
Tips and Resources for Consumers
The following tips have been provided by the National Cybersecurity Alliance with multiple resources by the same organization as well as Quanterion Solutions Incorporated.
Configure security settings
Every time you sign up for a new account, download a new app, or get a new device, immediately configure the privacy and security settings to your comfort level. Check the settings on old accounts and delete any apps or accounts you no longer use.
Why? Attackers are likely to try the default login information for internet connected devices – typically admin – to try and gain access. While the default settings for most online accounts provide the website owner with the most information for a personalized experience, loose privacy settings could mean your data is being shared without your knowledge.
Resource – Get started with the National Cybersecurity Alliance’s Manage Your Privacy Settings page to check the settings of social media accounts, retail stores, apps and more.
Think before you click
If you receive an enticing offer via email or text, don’t be so quick to click on the link. Instead, go directly to the company’s website to verify it is legitimate. If you’re unsure who an email is from—even if the details appear accurate—or if the email looks “phishy,” do not respond and do not click on any links or open any attachments found in that email as they may be infected with malware. Report phishing to your organization’s IT department or your email provider.
Why? Attackers often send fraudulent email and text messages, referred to as phishing, in order to trick individuals into providing information such as usernames and passwords, or to download malware.
Resource – 3 Fundamentals for Shoring Up Phishing Defenses
Share with care
Think before posting about yourself and others online. Consider what a post reveals, who might see it and how it might affect you or others. Consider creating an alternate persona that you use for online profiles to limit how much of your own personal information you share.
Why? Personal information readily available online can be used by attackers to do a variety of things, including impersonation and guessing usernames and passwords.
Resource – The Value of Personal Data
Use multi-factor authentication (MFA)
MFA will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-time code sent to your phone or mobile device.
Why? At least 15 billion passwords are for sale on the Dark Web. A second method of authentication provides extra protection even if a username and password is compromised.
Resource – Get Familiar with the Cyber Basics
Download a password manager
Use password managers to generate and remember different, complex passwords for each of your accounts. 57% of workers write down passwords on sticky notes, and 62% share passwords via SMS and email, according to Keeper Security. Password managers offer secure ways to send passwords and other login credentials to family members or coworkers.
Why? Duplicating passwords or using common passwords is a gift to hackers. If one account is compromised, a hacker will typically try the same username and password combination against other websites through “password spraying.”
Resource – Worst Passwords of 2020
Update your software
Keep all software on internet connected devices – including personal computers, smartphones and tablets – current to reduce risk of infection from ransomware and malware. Configure your devices to automatically update or to notify you when an update is available.
Why? Software updates often fix security flaws. Outdated software can be riddled with security holes easily exploited by attackers.
Resource – Digital Spring Cleaning – Protect Your Devices and Data
Learn more about Identity Management Day.
Follow Quanterion on social media to access cybersecurity resources, tips, and more.