
Identity and Access Management

Have you taken proactive action to ensure your business is protected?
Highest Priority: What you should do now
-
Conduct an audit of all technology solutions, user accounts, and roles. Repeat this process on a quarterly basis.
-
Disable accounts upon employee technology offboarding, or update permissions and access upon role change.
-
Disable inactive or underutilized employee accounts if they are unused or inactive for long periods of time.
-
Use a password manager to create strong, unique passwords per technology solution and enable multi-factor authentication (MFA) on the password manager. Do not allow storage of credentials in the web browser.
-
Protect any API keys in use.
-
Use different keys for different integrations, rotating them periodically.
-
Use IP restrictions where possible.
-
Store keys securely.
-
Enable MFA on all accounts that are allowed to via API keys anywhere they are configured for use.
-
Network Access
-
Update all endpoints and technology software to versions that are free of known material vulnerabilities.
-
Use a VPN to restrict access to admin tools (RMM, Remote Access, etc.). Use MFA on the VPN.
Protection of Local and Cloud Backups
-
Act on the manufacturer's recommended guidance or best practices for the protection of your backup technology.
-
Move away from shared login accounts on appliances and technology portals.
-
Enable MFA on access to technology portals and appliances.
-
Store copies of backups offsite, or in an isolated network or file share location that is inaccessible from servers or workstations, thus making backups harder to access, encrypt, or destroy.
-
Monitor and alert for backup deletion. Some manufacturers offer “soft” delete so backups are not immediately removed.
-
Understand your manufacturer's capabilities.
-
Test your backups. Determine how long it takes to do a restore, and set accurate expectations should the need arise.
Lower Priority: Items to consider when expanding security best practices
Protection of Local and Cloud Backups
-
Monitor accounts for exposed credentials.
-
Conduct phishing simulations and training campaigns for your employees.
-
Consider device trust or network IP whitelists for accessing technology portals and appliances.
-
Avoid shared accounts. MFA is designed for a single user. As a result, it is difficult to manage on shared accounts.
Network Access
-
Customers whose service providers are an extension of their network should reconsider this design choice, as a compromise of the service provider could mean game over for you.
-
Consider time-of-day restrictions for access to RA VPN endpoints.
Leverage your Relationships to Gain Intelligence on Current Threat Environment
-
Talk to your service provider about what they are seeing and what their road map is to address shifts in the cyber landscape.
-
Speak to your MSP and/or hire an expert to ensure your technology is configured to best mitigate the risk of cyber threats.
-
Join a peer group, and start discussions with other businesses to learn about their best practices.
-
If you’ve been attacked and your business has survived, share your knowledge.