Identity and Access Management

Have you taken proactive action to ensure your business is protected?

Highest Priority: What you should do now

  •  Conduct an audit of all technology solutions, user accounts, and roles. Repeat this process on a quarterly basis.

  •  Disable accounts upon employee technology offboarding, or update permissions and access upon role change.

  • Disable inactive or underutilized employee accounts if they are unused or inactive for long periods of time.

  • Use a password manager to create strong, unique passwords per technology solution and enable multi- factor

  • authentication (MFA) on the password manager. Do not allow storage of credentials in web browser.

  • Protect any API keys in use.

    • Use different keys for different integrations, rotating them periodically.

    • Use IP restrictions where possible.

    • Store keys securely.

    • Enable MFA on all accounts that are allowed to via API keys anywhere they are configured for use.

Network Access

  • Update all endpoints and technology software to versions that are free of known material vulnerabilities.

  • Use a VPN to restrict access to admin tools (RMM, Remote Access, etc.). Use MFA on the VPN.

Protection of Local and Cloud Backups

  • Act on manufacturers recommended guidance or best practices for the protection of your backup technology.

  • Move away from shared login accounts on appliances and technology portals.

  • Enable MFA on access to technology portals and appliances.

  • Store copies of backups offsite, or in an isolated network or file share location that is inaccessible from servers or

  • workstations, thus making backups harder to access, encrypt, or destroy.

  • Monitor and alert for backup deletion. Some manufacturers offer “soft” delete so backups are not immediately removed.

  • Understand your manufacturers capabilities.

  • Test your backups. Determine how long it takes to do a restore, and set accurate expectations should the need arise.

Lower Priority: Items to consider when expanding security best practices

Protection of Local and Cloud Backups

  • Monitor accounts for exposed credentials

  • Conduct phishing simulations and training campaigns for your employees.

  • Consider device trust or network IP whitelists for accessing technology portals and appliances.

  • Avoid shared accounts. MFA is designed for a single user. As a result, it is difficult to manage on shared accounts.

Network Access

  • Customerswhose service providers are an extension of thier network should reconsider this design choice as a

  • compromise to the service provider could mean game over for you

  • Consider the time of day restrictions for access to RA VPN endpoints.

Leverage your Relationships to Gain Intelligence on Current Threat Environment

  • Talk to your service provder about what they are seeing and what their road map is to address shifts in the cyber landscape.

  • Speak to your MSP and/or hire an expert to ensure your technology is configured best to mitigate the risks for cyber threats

  • Join a peer group, and start discussions with other businesses to learn about their best practices.

  • If you’ve been attacked and your business has survived, share your knowledge.