How Identity and Access Management Reduces the Risk of a Breach

LastPass, April 30, 2020

As many organizations work remotely and look for ways to secure their remote workforce, a surge in cyberattacks also threatens to destabilize or ruin businesses. According to the United States’ FBI, cybercrime reports have quadrupled during the pandemic so far, while the US Federal Trade Commission reports that Americans have lost at least $12 million to scams since January. Gartner’s recent Business Continuity Survey shows only 12% of organizations are highly prepared for the impact of coronavirus. IT departments need to evaluate the increased threat of data breaches and cybercrime, and invest in preventative measures to reduce their organization’s risk.

Eliminating password security risks

Poor password hygiene is a well-documented contributor to data breaches. According to the 2019 Data Breach Investigations Report (DBIR), 80% of data breaches can be traced to weak, reused, and stolen credentials. Every password-protected account in use is a potential entryway for attackers to gain a foothold in the organization and escalate an attack.

Enterprise password management (EPM) reduces or eliminates poor password practices. By offering workers an easy way to create, store, retrieve, and manage passwords, a business can eliminate the risk, and the associated consequences of a breach, that comes from guessable, duplicate passwords. Even more impactful is the line of sight that IT gains into password security across the business, with real-time visibility at the individual and organizational level into password hygiene and related risks. Both IT-managed services and those hidden from view (shadow IT) are secured and overseen by EPM. Since an EPM solution is built to be implemented and scaled across a remote workforce, it’s an ideal way for organizations currently facing cyber security concerns to start reducing risk quickly.

Connecting the right person to the right resource every time

Understanding who has access to what is just as essential to security as strong passwords.
Even with strong passwords in place, IT needs to ensure that employees have access only to what they need to do their jobs. Mismanaged access exposes data and resources that can be abused or stolen – whether those threats are internal or external. In fact, the DBIR reports 34% of data breaches were perpetrated by internal actors, and 21% of all breaches were due to people simply making mistakes. IT shouldn’t overlook the impact of reducing avenues for mistakes and opportunistic attacks.

A single sign-on (SSO) solution replaces passwords with a secure protocol that connects workers behind the scenes to their assigned resources, thus eliminating the risk of a data breach associated with mismanaged access. IT controls which apps and services each employee or group of employees has access to. Access can be given or revoked in real time, and employees enjoy ease of access with only one password that connects them to all apps. By limiting a worker’s access to what’s essential for their job, mistakes can be prevented, and would-be thieves can be foiled.

Blocking unauthorized and suspicious activity

When it comes to external threats, a layered approach is more effective. A username and password provide basic protection, but they are static pieces of data that can be shared, stolen, and leaked without requiring any additional proof of ownership. With at least a 40% increase in targeted phishing attacks, businesses need to be thinking about additional layers of defense beyond the password.

Multi-factor authentication (MFA) requires additional login information – two or more authentication factors – before access is granted to an employee. If credentials are somehow stolen – such as via malware or social engineering – an attacker still cannot log in successfully without the additional information.
The second authentication factor could be a code, a fingerprint, or other biometric or contextual data that proves the user is who they claim to be. It is a factor only a legitimate employee would have access to, helping to eliminate the risk of a hacker gaining fraudulent access.

Maximizing breach protection with a holistic identity and access management solution

Used individually, EPM, SSO, and MFA all provide unique benefits in reducing various cyber threats. When combined in one holistic identity and access management (IAM) solution, they work to cover every entry point in use across the business to help prevent breaches, while easing everyday access for employees.

IAM is critical to keeping a remote workforce productive and protected. With an integrated solution, workers are authenticated seamlessly and can quickly access what they need to keep working efficiently. Would-be attackers, on the other hand, are thwarted by uncrackable passwords, strong authentication protocols, and strict authentication requirements. With visibility into access and authentication across the business, at a global and individual level, the IT team can be confident they are reducing the risk of a breach even while every employee works outside the office.

Even in these uncertain times, businesses can have confidence in their data breach mitigation strategy with a holistic IAM solution.