June 8, 2020
MFA

What are some lesser-known cybersecurity best practices that can help individuals and businesses?

Archit Lohokare Chief Product Officer

You already know to not share passwords. But what are some lesser-known cybersecurity best practices that individuals and businesses can implement to stay secure?


Before I mention the less-known examples, I think it’s important to highlight some “common sense” cybersecurity best practices. You’d be surprised how often these go ignored!

First off, there’s a common misconception that malicious hacks are the biggest threat to ordinary users. That’s just not true – according to Verizon, over 80% of breaches are caused by weak or stolen credentials.

The most basic suggestion I can give is to not reuse your password, and use complex passwords containing numbers, caps, and symbols. But as we know, that’s just not enough anymore. Another important tip is to enable MFA! I can’t stress this one enough. It’s the single most effective way to protect yourself.

Some lesser-known tips that businesses and individuals can adopt:

  1. Refrain from using SMS for one-time passwords: SIM-swapping attacks are on the rise, and phishing increasingly targets SMS vulnerabilities. In 2016, the National Institute of Standards and Technology recommended that organizations no longer send one-time passwords to mobile phones, because malicious actors continue to exploit this weakness in SMS. Instead, consider other authentication methods, such as security tokens, OATH-based authenticator apps, or push notifications, wherever possible.
  2. Physical IAM: Organizations should look for ways to integrate physical identity security with their systems and applications. That could mean requiring badges or fobs to get into physical offices, or giving remote workers FIDO2 authenticators like YubiKeys. Social engineering increasingly exploits vulnerabilities in physical perimeters that can easily be mitigated.
  3. Automating HR Processes: HR tech is becoming more important for cybersecurity because it’s where a lot of access and security issues are initiated, especially during employee on- and off-boarding. Some companies have literally dozens of administrators overseeing logins and access permissions during onboarding.

According to an Intermedia Risk Report, 44% of millennial employees still have access to apps and systems from previous jobs. Based on our experience, it takes some companies up to a month to fully off-board former employees and shut down their access and accounts after they leave a company.

By automating on- and off-boarding, and locking down access quickly as an employee joins or leaves or even moves within an organization, you dramatically reduce the time when accounts (which are vulnerable to malicious actors) can be exploited.
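One way to measure the off-boarding gap described above is to reconcile HR records against application accounts and list what is still enabled after an employee has left. This is an added example, not part of the original post or of any Idaptive product; the record layout, field names, function names and sample data are all assumptions constructed for illustration.

```python
from datetime import date

# Constructed sample data (hypothetical users and apps, not from the post).
HR_RECORDS = {
    "alice": {"status": "active", "end_date": None},
    "bob": {"status": "terminated", "end_date": date(2020, 5, 1)},
    "carol": {"status": "terminated", "end_date": date(2020, 6, 5)},
}
APP_ACCOUNTS = [
    {"app": "crm", "user": "alice", "enabled": True},
    {"app": "crm", "user": "bob", "enabled": True},
    {"app": "vpn", "user": "bob", "enabled": False},   # already disabled
    {"app": "wiki", "user": "carol", "enabled": True},
    {"app": "wiki", "user": "dave", "enabled": True},  # no HR record at all
]

def find_stale_accounts(hr, accounts, today, grace_days=0):
    """Return enabled accounts whose owner has left or is unknown to HR."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue
        person = hr.get(acct["user"])
        if person is None:
            # Orphaned account: nobody in HR owns it, so exposure is unknown.
            findings.append({**acct, "reason": "no_hr_record", "days_exposed": None})
            continue
        end = person["end_date"]
        if person["status"] == "terminated" and end is not None:
            exposed = (today - end).days
            if exposed > grace_days:  # future-dated departures are skipped
                findings.append({**acct, "reason": "terminated", "days_exposed": exposed})
    # Orphaned accounts first, then the longest exposure window.
    return sorted(findings,
                  key=lambda f: (f["days_exposed"] is not None, -(f["days_exposed"] or 0)))

def deprovision_plan(findings):
    """Turn findings into a list of disable actions for review or automation."""
    return [f"disable {f['app']}:{f['user']} ({f['reason']})" for f in findings]

if __name__ == "__main__":
    for line in deprovision_plan(
            find_stale_accounts(HR_RECORDS, APP_ACCOUNTS, date(2020, 6, 8))):
        print(line)
```

Run on a schedule against real HR and directory exports, the `days_exposed` value gives a direct measure of how long access outlives employment.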

 

This post originally appeared in a Quora Q&A session hosted in January 2020. Our CPO Archit Lohokare was asked to discuss the state of cybersecurity, Zero Trust, artificial technology and machine learning and working in the security field, among other things. Stay tuned as we share more of his answers in our blog!

Archit Lohokare


Archit Lohokare is Chief Product Officer at Idaptive, where he is responsible for product strategy, driving innovation, and bringing new products and services to market. He transitioned over to Idaptive as it was spun out from Centrify, where—as Vice President of Product Management—he led the Identity-as-a-Service (IDaaS) and Unified Endpoint Management product portfolio. Prior to Centrify, Archit was Vice President of Products at Optymyze, where he led the product management team responsible for the company’s Sales Performance Management and Sales Platform-as-a-Service SaaS and PaaS solutions, securing a Leadership position in the first Gartner Magic Quadrant report on Sales Performance Management along the way.

Earlier in his career, Archit led Symantec's Cloud Information Protection Security-as-a-Service offering, and IBM's Access Management product line, comprised of Web Access Management, Identity Federation, Enterprise Single Sign-On, and Risk-based Access and Entitlements Management products. Archit joined IBM through the acquisition of Encentuate, a leading Bay Area start-up in the security software space; as an early employee, he had the opportunity to contribute to its successful exit. 

Archit has an MBA from UC Berkeley-Haas School of Business, and a bachelor’s degree in Computer Engineering from NTU, Singapore, where he was awarded the SIA-NOL undergraduate scholarship by the Ministry of Education, Singapore.

Archit is an avid history buff, enjoys reading in his spare time and running breathlessly after his one-year-old, hyperactive son.

CHAMELEON-LIKE SUPERPOWER

If Archit could have any Chameleon-like superpower, it would be the ability to change colors quickly and adapt. “Actually, it would be like the ability of our IAM solutions to adapt instantaneously to a customer’s environment and user behavior. Anomalous user access? A snap! Presto, change-o – like a chameleon from green to red in an instant, adapt to the change in user behavior and request user to assure their identities using multi-factor authentication...”