When you hear about retail establishments suffering from a data breach, names like Neiman Marcus, Target, The TJX Companies, Michaels, and The Home Depot dominate the headlines. When you read these news stories, it might appear as if cyber criminals are only going after the big fish. Unfortunately, this might lull small and mid-sized businesses into thinking that they are not likely to be the targets of such an attack. This is supported by recent research that shows that more than three-quarters of all SMBs believe that they are safe from cyber attacks.
The truth is, small and medium-sized retailers make up 62 percent of the data-breach victim pool, because attackers know that small and mid-sized businesses are:
- Unsuspecting and as a result, unprepared; they simply don’t believe they are targets.
- Failing to allocate enough funds to modern identity and access management solutions and training.
- Lacking control or influence over their employees’ password practices. Those with password policies are failing to enforce them.
- Unfocused in their approach. IT security is not centralized, owned by a single organization, or staffed with the right expertise. IT security fails when it is a shared responsibility.
Unlike large enterprises that could have funds available to offset the costs of a data breach, smaller companies run the risk of a data breach being the very thing that causes them to close their doors. A recent study by The National Cyber Security Alliance found that as many as 60% of SMBs closed within six months of experiencing a data breach.
At the very least, a breach will hinder a company’s growth for the near future due to the costs surrounding the incident. These costs, which average out to $36,000, can run upwards of $80,000 per incident for a small organization. While these out-of-pocket expenses can be high, they do not even reflect the long-term effects that can stem from a damaged brand reputation, bad press, and lost customer loyalty. And just what puts you at the greatest risk? “Negligent employees or contractors and third parties caused most data breaches.”
What can be done?
Most mid-size businesses spend too much of their limited time and security dollars shoring up their perimeter security defenses. While this is an area that should not be neglected, it isn’t addressing the most problematic area of today’s threat landscape: user account theft. The phrase “negligent employees or contractors and third parties” tells us that these are not malicious insiders who are copying digital records late at night in order to sell them. These breaches happen because someone had access to data who shouldn’t have or because an account was compromised through a phishing attack or some other type of social engineering.
In order to better protect against these threats, identity and access management (IAM) needs to be at the core of your security program. IAM solutions address this threat by ensuring that only the appropriate users have access only to the data they need in order to do their job at any point in time.
Modern IAM solutions centralize all active and inactive user accounts and automate the majority of your provisioning and deprovisioning processes. With the right IAM solution in place, there is no need to manually revoke accounts in each target system every time a full-time or even seasonal employee leaves. Additionally, the security risk of accounts being accidentally left open and unmonitored is eliminated.
The ability to place new user accounts into groups when provisioning them provides an extra layer of security as well. By preconfiguring access by user group, you are helping ensure that each account abides by the principle of least privilege per role, while avoiding the mistakes that can be made when manually assigning entitlements on a one-by-one basis.
Not only do modern IAM solutions offer you the ability to better manage user accounts, but the right ones can also help you protect, through privileged access management, the accounts most highly coveted by attackers: administrator accounts. By provisioning administrator rights on demand, you are better able to control when these accounts are used, by whom, and for what length of time. A well-defined expiration date helps minimize the damage that can be done should one of these accounts become compromised.
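As an added example (not from the original article or any IAM product), this short Python audit checks the three controls described above: accounts left open after someone leaves, access outside a role group, and administrator rights without a valid expiration. All user names, systems, roles and dates are constructed sample data.

```python
from datetime import datetime, timezone

# Constructed sample data (hypothetical names and systems, not from the article).
ACTIVE_EMPLOYEES = {"avery", "blake"}            # authoritative HR roster
ROLE_GROUPS = {                                  # preconfigured access per role
    "cashier": {"pos"},
    "manager": {"pos", "inventory", "payroll"},
}
EMPLOYEE_ROLE = {"avery": "cashier", "blake": "manager"}
SYSTEM_ACCOUNTS = {                              # accounts found in each target system
    "pos": {"avery", "blake", "casey"},          # casey was seasonal and has left
    "inventory": {"blake", "avery"},             # avery's role does not include inventory
    "payroll": {"blake"},
}
ADMIN_GRANTS = [                                 # (user, system, expires_at or None)
    ("blake", "pos", datetime(2024, 1, 10, 18, 0, tzinfo=timezone.utc)),
    ("blake", "payroll", None),                  # standing admin right, no expiry
]

def orphaned_accounts(active, system_accounts):
    """Accounts still open in a target system for users no longer on the roster."""
    return sorted((system, user)
                  for system, users in system_accounts.items()
                  for user in users - active)

def excess_access(employee_role, role_groups, system_accounts):
    """Accounts held by active users outside what their role group allows."""
    findings = []
    for system, users in system_accounts.items():
        for user in users:
            role = employee_role.get(user)
            if role is not None and system not in role_groups.get(role, set()):
                findings.append((system, user))
    return sorted(findings)

def bad_admin_grants(grants, now):
    """Admin grants that have no expiration or whose expiration has passed."""
    findings = []
    for user, system, expires_at in grants:
        if expires_at is None:
            findings.append((user, system, "no expiration"))
        elif expires_at <= now:
            findings.append((user, system, "expired"))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 1, 11, tzinfo=timezone.utc)  # fixed time for repeatable output
    print(orphaned_accounts(ACTIVE_EMPLOYEES, SYSTEM_ACCOUNTS))
    print(excess_access(EMPLOYEE_ROLE, ROLE_GROUPS, SYSTEM_ACCOUNTS))
    print(bad_admin_grants(ADMIN_GRANTS, now))
```

In practice the roster and account lists would come from exports of the HR system and each target system, and every finding would feed a deprovisioning or review ticket.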