Whether you’re an admin at a major company or launching a startup from your garage, protecting user identities is crucial.
Challenges in today’s rapidly evolving threat landscape are significant, but defensive strategies, and technology are there to help.
Here’s some steps to fortify your identity security efforts:
1. Multifactor Authentication:
Protect all your users with multifactor authentication, always, using Authenticator, Fast Identity Online (FIDO), Windows Hello, or CBA
2. Conditional Access:
Limited access means lesser exposure. Applying Conditional Access rules to your applications helps defend against application attacks
3. Endpoint protection policies:
Use mobile device management and endpoint protection policies—especially prohibiting running as admin on devices—to inhibit token theft attacks
4. Limiting exposure:
Limit on-premises exposure and integrate your SOC and identity efforts to ensure you are defending your identity infrastructure
5. Moving to the Cloud:
Bet hard on agility with a cloud-first approach, adaptable authentication, and deep commitments to automated responses to common problems to save your critical resources for true crises
No one step is enough to safeguard against the velocity of incoming attacks. Each of these recommendations has value in and of itself, but taken together, they represent an approach to defense-in-depth.
Start building your multiple layers of defense before you need them, today.