Four Ways to Improve Cloud Security for Business

This is your wake-up call

More devices, applications, networks and employees increase the complexity of managing – and protecting – user access in your business. While employees just want to work efficiently, IT needs to ensure the proper controls are in place to protect the company.

• 80% of cyber security breaches are due to poor passwords.¹
• 53% of people don’t change a password after a known breach.²
• 76% of employees experience regular password problems.³
• 43% of all cyberattacks target small businesses.⁴

1. Make access control a serious priority

A modern BYO-anything workforce means more access points, hidden apps and hurdles to secure across the organization. Even as cyberthreats rise, employees expect technology to be fast, convenient and easy to use. Businesses must prioritize an access solution that secures the organization while helping employees stay productive wherever they are.

Best Practices include:

• Know your apps: Track and vet the apps in use across your organization.
• Specify permissions: Assign specific access privileges based on organizational role.
• Keep access simple: Provide one-click access to all apps and tools.
• Set access standards: Create, communicate and enforce strong policies.
• Support all use cases: Build systems that give the right access, to the right people, at the right time.

2. Establish strong access policies

An effective strategy looks to centralize employee access in a single portal, where all apps and credentials are controlled by policies. IT visibility into employee access and security behaviors is critical to protecting the business.

Create policies that enforce the following best practices:

• Protect all access points: Safeguard access to every app and login in a portal that’s secure, backed up frequently and difficult for others to access.
• Automate password storage: Capture and store passwords for new services, whether they’re managed by IT or not.
• Get extra protection: Require multifactor authentication wherever possible.
• Share passwords safely: Send one or more passwords to others in an encrypted format – discouraging insecure methods like text, email or written notes.
• Stop password reuse: Generate and store unique, random and strong passwords.

4. Get employees on and off systems fast

You need to give employees convenient, secure access to the tools they need to do their jobs, with the appropriate level of permissions.

Onboarding and offboarding best practices:

• Streamline IT processes: From one centralized admin dashboard, get a unified view of employee access across the organization.
• Connect with existing infrastructure: Integrate with your existing user directory to automatically provision new employees, with the right privileges to the right resources.
• Jump-start new employees’ productivity: Give employees a central portal to access so they are up and running from day one.
• Share passwords safely: Send one or more passwords to others in an encrypted format – discouraging insecure methods like text, email or written notes.
• Have a kill switch: Immediately and completely turn of access privileges when an employee leaves.

Sources:

1. Verizon, 2019. "Data Breach Investigations Report (DBIR)"
2. LastPass, 2018. "Psychology of the Password Report"
3. Ovum, 2017. "Closing the Password Security Gap"
4. SCORE, 2018
5. FireEye, 2019. "M-Trends Report"
6. Ponemon Institute, 2018. "Cost of a Data Breach Study"
7. Online Trust Alliance, 2018. "Cyber Incident & Breach Trends Report"
8. Ovum, 2017. "Closing the Password Security Gap"
9. LastPass, 2017. "The Password Expose"