4 Ways to Protect Your Cloud-Based IT Infrastructure
Cloud-based IT applications (applications that are hosted on the web, rather than your desktop computer or a local server) are becoming more and more popular in offices and workspaces. If your company uses Office 365, Salesforce, or Google Apps, you’re already in the cloud. Moving to the cloud has many benefits—bandwidth capabilities are expanded, the software updates automatically, and employees can work from anywhere. One possible downside, however, is that every cloud-based application is password protected. What does that mean to the average user? More passwords. Lots of them.
But moving to the cloud doesn’t have to mean entering dozens of different logins each day, or compromising your IT security by using the same password for all logins (cringe). In fact, today’s password security options make the organization and management of password and login credentials easier and more effective than ever before. Here are four to consider:
1. Password Management Software
Considering the rise of cloud-based applications and the number of passwords each user is now responsible for entering, password management software is a no-brainer. As a security consultant, I consider it a necessity for every business. There’s simply no efficient or effective way to manage all of your users’ passwords without this tool. Your employees may be using easy-to-guess or old passwords, greatly increasing the risk of a security breach. With password management software, password-related tasks are automated and permissions are easily viewed and changed by an administrator.
2. Multi Factor Authentication
There are three security “factors” in password security. Most logins today require only one – the knowledge factor (something you know)—in most cases, a password. With multi factor authentication, users are required to enter at least two. In addition to a password, the user would be required to login using either the inherence factor (something you are—the user proves their identity through an iris or fingerprint biometric scan) or the possession factor (something you have—the user authenticates using a one-time code generated on a device that they have). The security impact of MFA is huge. When protected by MFA, a network is nearly impossible to attack from the outside, even if a password is somehow obtained.
3. Single Sign On
With SSO software, the user authenticates using MFA and is taken to the secure SSO portal, where they can be automatically logged into their needed applications without needing to again enter their credentials.
4. Single Sign On Workflow Automation
If you’re considering an SSO solution, be sure that the SSO software you choose offers SSO workflow automation. Not all web applications support SSO, but workflow automation ensures that you can use SSO to login to all of your applications—this is especially important for a cloud-based infrastructure. Using a web recorder, your login sequences are saved to a secure file to be used for use with your SSO password management software.
Password management software solutions can cure a lot of your password management woes. To learn more about password management software, the specific benefits it offers, and steps to take download "The Password Management Playbook", a 42-page guide that will tell you everything you need to know.