Protection Against Data Breaches

Today, organizations face the challenge of protecting data in more places including the cloud, mobile, emerging platforms, and legacy applications. And the volume and velocity is also increasing. The bad news is that organizations of all verticals and sizes are being hit with data breaches. Ponemon reports the average total cost of a data breach rose from $3.62 to $3.86M, an increase of 6.4 percent. However, the same study reports companies that contained a breach in less than 30 days saved over $1 million vs. those that took more than 30 days to resolve.

While you're fortifying your defenses as the ubiquity of data increases, it's vital to realize that many of these data breaches are identity-based attacks; in fact, 81% of data breaches involve stolen/weak credentials. It's time to take proactive steps to combat data breaches.

Use this checklist for strategic and tactical tips to protect against data breaches.

Centralize Identity

Organizations today have thousands of applicationseach with an account and password. Managing so many accounts and passwords is a growing challenge. Many of your employees use the same and often weak passwords with multiple accounts. Unfortunately, hackers know this weakness and exploit it.

• Centralize your accounts and access with a single sign-on.
• Consider eliminating passwords where possible.
• Enable strong, unique passwords everywhere else.

Implement Strong Authentication

Even if you have strong passwords, these passwords can still be phished and stolen. Strong authentication helps harden and fortify access to your organization's most important asset: data.

• Implement Multi Factor Authentication (MFA).
• Harden authentication to as many places as you can. Sometimes a hacker gets in with a stolen identity and then takes advantage of privilege access escalation.
• Enable an MFA solution with adaptive capability. This technology can help make intelligent, contextual access decisions based on device and connection attribute. Overall, this increases usability by reducing end-user burden so they don't prompted all the time, but only when needed.

Reduce Attack Surface

Users leaving your organization can result in "zombie" accounts (forget to deprovisioned), which can create an open attack surface. Your enterprise also many have users/employees changing roles that can accidentally create excess privileges. As an example, an employee who moves from Payroll to HR may still have access to W2 information and thus, leaving that person's account open as an opportunity for attackers. Overall, you want to automate provisioning and de-provisioning for when users leave the organization or change roles.

• Automate provisioning and deprovising when possible. When you automate the onboarding and off-boarding process, you don't have to remember to update roles/permissions or deactivate accounts.
• Enable reporting so you can see who/what groups has access to apps or if the access is over privileged.
• Make sure the right people have the right level of access for their role

Enable Visibility and Response

While there's always going to be security gaps, you can be proactive in tightening your security grid as much as possible.

• Augment your visibility to see what's going on with identity data. That means knowing who was impacted by a breach, what applications/accounts were accessed) etc. For example, maybe you're getting several failed authentications from a specific IP address, which could be flagged for investigation and response.
• Correlate identity data with other security logs/data for greater visibility
• Enable faster response with identity e.g. revoking access to application / prompting for step-up authentication in the case of suspicious events/incidents