decrypting myths
ensure corporate and personal data remains secure . As we have already noted , passwords can always pose a risk , no matter their size or complexity .
One way organisations can better spot if someone is trying to impersonate an employee online is by monitoring their network activity and behaviour in an effort to detect any abnormalities . Take the simple scenario of an employee who logs in via their home IP address every day during the working week . If that employee was suddenly to log in from a different location at a different time on a weekend night , this would definitely be cause for suspicion . With context-based , stepup authentication , organisations can confirm a user ’ s identity depending on his or her location , device and day-today activities .
Anurag Kahol , Founder and CTO at Bitglass
time now . Depending on where they operate , businesses also need to keep up to date with new additions to privacy legislation in individual states in the US , such as the California Privacy Rights Act ( CPRA ) and the Virginia Consumer Data Privacy Act ( VCDPA ).
Data privacy is likely to become even more of an issue for organisations operating in the US if discussions about a national privacy law to hold all states equally accountable for the misuse of consumer data lead to legislation . It is important for companies to ensure they are aware of any developments in the data privacy sphere . Ignorance is not a defence and failure to comply with data privacy regulations will lead to steep fines and , quite possibly , force the company to close down .
Protect digital identities using IAM best practices
The security landscape is constantly evolving and creating new points of vulnerability . To combat the widening range of threats , consumers and businesses need to work together to
In many instances , the weakest link in an organisation ’ s security strategy is its workforce . A business can have all of the right solutions in place but its security strategy will not function effectively if it hasn ’ t trained and educated its people to use it properly . Cybersecurity training is important for all employees , and companies need to enforce programmes to ensure they are informed about existing and emerging threats . These programmes will also help them to manage their data better and protect their digital identities more effectively – as well as those of their customers .
By implementing these IAM practices , organisations can counter unauthorised access proactively and protect sensitive data stored across their modern IT ecosystems . But company policies are not enough on their own . People need to take responsibility for keeping up to date with the latest identity management trends and cyber-risks . The Internet has become a critical part of our daily lives in our connected world . Identity management awareness can help keep us connected in a safer way . u www . intelligentciso . com
69