Identities are the keys to your digital kingdom. Once a hacker gets their hands on a set of credentials, they are limited only by their imagination and creativity for how to use them to their benefit. Hence, it’s crucial to make sure user identities don’t end up in the wrong hands. If this is the first time you’re learning of this or if you need some guidance on how to start protecting identities in your company, we’ve put together this identity security 101 post. Read on to learn more about why identity security matters and some simple steps you can take to protect them.
Why Identity Security Matters
Number One Attack Vector
The first step in protecting identities in your IT organization is understanding why identity security matters. Did you know that in the last year alone over 446 million records have been exposed due to data breaches? That’s enough for the entire U.S. population to have at least one set of records exposed and then some. Some of these exposed records included usernames and passwords for personal online accounts. Given that 61% of end users leverage the same or similar password across all online accounts, there’s a very good chance that a set of credentials used to access work resources in your organization has been compromised. If that’s not troubling enough, there’s also the fact that 92% of companies have credentials for sale on the Dark Web. All of this doom and gloom just goes to show that user identities are the number one attack vector, and as such, it’s crucial that IT organizations have a strategy to secure them.
Another reason it’s important for IT admins to have the responsibility of securing identities has to do with the human factor. If IT admins are not in charge of user credentials, then your end users are, and that’s not ideal because historically they haven’t always prioritized security. For example, a study on the psychology of password management found that most people will only choose a strong password if they are actually willing to sacrifice convenience. It (Read more...)