Identity Management Day - Tuesday 13th April
Tuesday April 13th is the inaugural Identity Management Day. This is an annual awareness day which aims to educate business leaders and IT decision makers on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technology, with a special focus on the dangers of not properly securing identities and access credentials.
The comment from Chanel Chambers, Senior Director, Product Marketing Management at Tanium:
“I suggest practitioners focus on three areas around identity management. First, access control and the principle of “least privilege” which gives users access only to the resources they absolutely need to do their jobs. We’ve seen cases where large, sophisticated enterprises didn’t realise that more than 20,000 of their users had administrative rights they shouldn’t have had.
Second, have a process in place to track lateral movement paths. We know most cybercriminals get in via stolen credentials. Make sure you know who has access to what systems and data and the actual paths of lateral movement across your organisations. This also helps organisations prioritise patching.
Finally, zero trust tells us to trust no one and verify everything. This is a powerful approach for identity and access. If your IT infrastructure doesn’t assume trust, it will require that each user and each point of access be re-verified.”