The NCSAM series part-2 - Securing Devices at Home and Work


October has been officially recognized as cybersecurity awareness month all over the world ever since it was started by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS) in 2004. This year, the theme for the cybersecurity awareness program is 'Do your part. Be cyber smart'.

On that note, we would like to create awareness about security best practices and cyber hygiene in this blog series.

 

This blog will be centered around the focus area of this week, Securing Devices at Home and Work. The sudden shift to remote work has widened the attackable landscape. The FBI has reported that they have seen a jump in the number of reported cyber attacks by 3,000-4,000 per day since March 2020, almost a 400% increase. This can be attributed to the fact that organizations could not revamp their security strategies quickly enough to address the challenges arising from a remote work setup.

 

For an IAM administrator, securing devices includes allowing users to access their work or official devices only after verifying their identities through Active Directory and other authentication methods. As an administrator, your focus would be on the applications and data that users can access after they log in to their devices, and also on the activities that they can perform from those devices. An example is enabling Outlook Mobile Access or ActiveSync to allow users to access their work emails from their mobile devices.

 

Zero trust is the new normal

 

In these demanding times, especially when cyber attackers are more active than ever, a zero trust policy is what you, as an IT administrator, must trust in. 'Trust no one, and verify everyone' is a principle that you can follow for your cybersecurity. To maintain your security posture, ensure that no one gets to access critical applications and data without being verified, even if they are authorized. Similarly, no one should get new or elevated access privileges before being verified.

Here is a checklist of things to implement to ensure the security of your network, Active Directory, Office 365, Exchange and more.

 

  1. Automate role based access control

Implement role based access control (RBAC) to ensure that users have access permissions and rights to only those applications and data required for their roles. With automated access management, you can easily ensure that the necessary and relevant permissions are configured, based on roles, while creating user accounts. Also, periodically check users' permissions and remove any excessive ones that they might have accumulated.

 

  2. Verify all requests and approve them on a need-only basis

All sensitive IT requests, such as access to folders with sensitive data, elevation of permissions, or modification of the permissions or group membership of privileged users, need to be carried out only if approved by the designated authority. This can be achieved by setting up a multi-level approval system to streamline and monitor the processing of such requests.

 

  3. Periodic clean-up of stale accounts

The Achilles' heel in health care, when it comes to cyber security, is that healthcare organizations have a lot of networked medical devices apart from computers, and these might be prone to safety and cybersecurity risks like being hacked or being vulnerable to unauthorized access. These devices are usually exploited through inactive accounts. Therefore, periodic clean-up of stale accounts and regular auditing of users' access permissions will help you avoid security incidents.

 

  4. Keep track of delegation activities

Delegation of tasks, if done properly, certainly increases the productivity and efficiency of IT teams. Problems arise when everyone who has been delegated a task is given admin level access permissions, for instance due to improper planning when the organization scales up, or when the delegated users' activities are not monitored continuously. It is recommended to provide only the least required permissions for the delegated task and to maintain an audit trail of the employees performing the delegated tasks.

 

  5. Control logon activities

Suspicious logon activities like logon failures or employees accessing data during non-work hours always spell trouble. Mandate logon hours, specify the computers that users can log on to, and maintain a log of employees' logon activities as a precaution against insider attacks.
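
The logon checks in item 5, sketched as an added example that is not part of the original post and not ADManager Plus code: it reviews a logon log against permitted hours, permitted computers and a failure threshold. The record layout, account names, computer names and policy values are constructed for illustration; 4624 and 4625 are the Windows Security event IDs for successful and failed logons.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records: timestamp, user, computer, Windows event ID
# (4624 = successful logon, 4625 = failed logon).
SAMPLE_LOG = """\
2020-10-12T09:05:11,asmith,WS-014,4624
2020-10-12T23:47:02,asmith,WS-014,4624
2020-10-13T10:15:40,bjones,WS-022,4625
2020-10-13T10:15:55,bjones,WS-022,4625
2020-10-13T10:16:09,bjones,WS-022,4625
2020-10-13T10:20:30,bjones,WS-022,4624
2020-10-14T11:02:00,asmith,SRV-DB01,4624
2020-10-17T10:00:00,bjones,WS-022,4624
"""

# Hypothetical policy: permitted logon hours, weekdays (0 = Monday) and computers.
POLICY = {
    "asmith": {"hours": (8, 18), "days": range(0, 5), "computers": {"WS-014"}},
    "bjones": {"hours": (8, 18), "days": range(0, 5), "computers": {"WS-022"}},
}
FAILURE_LIMIT = 3                      # failed logons ...
FAILURE_WINDOW = timedelta(minutes=5)  # ... within this sliding window

def review_logons(log_text, policy=POLICY):
    """Return (timestamp, user, reason) findings for a logon log."""
    findings = []
    failures = defaultdict(deque)      # user -> timestamps of recent failures
    for line in filter(str.strip, log_text.splitlines()):
        stamp, user, computer, event_id = (f.strip() for f in line.split(","))
        when = datetime.fromisoformat(stamp)
        rule = policy.get(user)
        if rule is None:               # account nobody has defined a policy for
            findings.append((stamp, user, "no policy for account"))
            continue
        if event_id == "4625":
            recent = failures[user]
            recent.append(when)
            while when - recent[0] > FAILURE_WINDOW:
                recent.popleft()       # drop failures that aged out
            if len(recent) == FAILURE_LIMIT:
                findings.append((stamp, user, "repeated logon failures"))
        elif event_id == "4624":
            start, end = rule["hours"]
            if when.weekday() not in rule["days"] or not start <= when.hour < end:
                findings.append((stamp, user, "logon outside permitted hours"))
            if computer not in rule["computers"]:
                findings.append((stamp, user, "logon to unapproved computer"))
    return findings
```

Calling `review_logons(SAMPLE_LOG)` returns four findings: a late-night logon, a burst of three failures, a logon to a server outside the user's approved computers, and a weekend logon.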

 


With a comprehensive AD management solution like ADManager Plus, performing all these activities can be a breeze. ADManager Plus is a unified identity and access management solution for managing Active Directory, Exchange Server, Microsoft 365, Skype for Business and G Suite environments.

Learn more about how ADManager Plus can make implementing all these easier with,

 


Cheers,
Team ADManager Plus.


 

 

 

 





