Data in organization can face external or internal threat. Securing data would be best made when we think of restricting the data through appropriate level of classification.

Some steps which would help in the process would be:

  • The data needs to be limited for exposure based on what a person is entitled to access.
  • Enforcing the audit periodically
  • Evaluate privacy controls on the data
  • Identify the data custodians and fix their responsibilities
  • Usage of strong multi factor authentication to devices and storage
  • Evaluate strategies for securing data at rest and transit through appropriate encryption mechanism
  • Minimize the movement of information
  • Establish cybersecurity policies fore remote workers
  • Eliminate or disabled shared accounts
  • Always adopt or employ of Principles of least privilege
  • Remove Zombie or Orphaned accounts (Example remove IAM accounts with out any policies)

--

--

  1. Identity is one of the security perimeter
  2. Bring the organization identities under one roof through centralization
  3. Essential to understand who has access to a resource, at what level and why they have access to that given resource.
  4. Identities cannot be constrained only by human identities, it can be service accounts or devices in the future or other microservices.
  5. Complexity and risks involved in an IT Infrastructure
  6. Simplify empowerment of users in a secure way
  7. Operationalize your identity insights and analytics around the identities
  8. Integrate and connect the applications interacting together with identity
  9. Eliminate need for long term static credentials
  10. To manage Just in Time and Just Enough Access (JIT/JEA Scenario)

--

--

SivaKarthikeyan

SivaKarthikeyan

IT Professional/Blogger. My career and life built by beautiful people around me, I'm thankful to them forever. The views expressed by me are my own.