Protecting your data is important. Can you imagine living in a house with no locks on the doors or windows? What about leaving your brand new car running unattended while you go in and grab a soda from the corner store? The analogies could go on forever and get much more ridiculous, so I’ll stop while I am ahead! Even though we know how important it is, we still tend to skate around the issue.
But why? Is it the fear of the unknown? Is it because you need a refresher on data protection best practices?
If it is the fear of the unknown or you just need a refresher, I will do everything in my power to curb that fear in the next 400 words.
Data Protection Best Practices
Step 1: Stronger Password Policies
Does your company have a password policy in place? If you do not, you absolutely need to consider implementing one. A password policy will allow you to set up parameters around the number of characters needed, type of characters required and also the amount of time before a password expires. Having a password policy in place will also prevent your users from using the default password or passwords that are easily guessed as their permanent password.
Deploying and enforcing a good password policy also ensures that the passwords in use are quality passwords. In short, this means the death of “password123”.
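A policy check covering the parameters described in Step 1 (length, character types, expiry, default and easily guessed passwords), as an added example that is not from the original post. The thresholds and both word lists are assumed, constructed values.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class PasswordPolicy:
    # Every value here is an assumption for illustration; tune to your environment.
    min_length: int = 12
    required_classes: int = 3                  # out of lower/upper/digit/symbol
    max_age: timedelta = timedelta(days=90)    # time before a password expires
    default_passwords: frozenset = frozenset({"Welcome1!", "ChangeMe123!"})  # constructed
    guessable: frozenset = frozenset({"password", "qwerty", "letmein", "welcome"})  # constructed

CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
LEET = str.maketrans("@013$5", "aoless")       # common character substitutions

def _normalize(password: str) -> str:
    """Lower-case, drop trailing digits/symbols, undo substitutions:
    'P@ssw0rd123!' becomes 'password'."""
    core = re.sub(r"[^a-z]+$", "", password.lower())
    return core.translate(LEET)

def check_password(password: str, username: str,
                   policy: PasswordPolicy = PasswordPolicy()) -> list:
    """Return the list of policy violations; an empty list means acceptable."""
    problems = []
    if len(password) < policy.min_length:
        problems.append("too_short")
    if sum(bool(re.search(c, password)) for c in CLASSES) < policy.required_classes:
        problems.append("too_few_character_types")
    if password in policy.default_passwords:
        problems.append("default_password")
    # Complexity rules alone pass 'P@ssw0rd123!', so compare the normalized core
    # against the guessable list and reject passwords containing the username.
    if _normalize(password) in policy.guessable or (
            username and username.lower() in password.lower()):
        problems.append("easily_guessed")
    return problems

def is_expired(last_changed: datetime, now: datetime,
               policy: PasswordPolicy = PasswordPolicy()) -> bool:
    """True when the password is older than the policy's maximum age."""
    return now - last_changed > policy.max_age
```

Note that "P@ssw0rd123!" satisfies the length and character-type rules and is rejected only by the guessable-word check, which is why that check belongs in the policy alongside the complexity rules.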
Step 2: Strong Password + Knowledge Based Authentication
Going beyond stronger passwords and enforced password policies, adding a knowledge-based authentication (KBA) solution is considered one of the most user-friendly data protection best practices. KBA leverages a set of shared secrets that are established during the enrollment process to authenticate the user. You may already encounter forms of KBA in your daily life; many financial institutions require KBA when you log into your account. This form of stronger authentication is adequate for many environments and will provide you with a very secure environment.
Typical questions include “What was your first car?”, “What was the name of your first grade teacher?” and “What was the name of your first pet?”
If you are considering KBA solutions, it is important to make sure that the questions are customizable. Being able to choose and form the questions will allow you to set the question parameters much like your password policy. When forming or selecting the KBA questions, it is important not to use questions whose answers can be easily discovered through social media accounts or other personal research methods.
Step 3: Strong Password + Two-Factor Authentication
Deploying a two-factor authentication (2FA) solution is a good idea for providing a very high level of security to your environment. Requiring a strong 2FA solution is one of the up-and-coming data protection best practices in the industry. That being said, many things should be considered when looking at a 2FA solution. One thing to consider is the information that your end users have access to; not all of the users at your company have access to the same information. A 2FA solution can easily be tailored to fit the requirements of who needs access to what information. It is easier to provide targeted 2FA than 2FA for the entire company.
This is not to say that 2FA should not be considered or deployed in your organization. When searching for a 2FA solution, it is important to also consider a solution that is flexible, providing multiple one-time passcode delivery methods. Keeping things flexible is important, as all of your end users may not be working on the same devices and/or have access to the same delivery methods.
Get to it!
Now you are equipped with the knowledge to provide stronger authentication and implement data protection best practices. Perhaps you already have one of these solutions in place and only need to enhance your level of protection by deploying another of these best practices. As always, do your homework and make sure that you are committing to the best solution to fit both your needs and your budget.