Identity and Access Management

Identity and Access Management (IAM) are the methods and processes used to manage subjects and their authentication and authorizations to access specific objects.

What Does This Mean For An SMB?

Your business needs to take proactive measures today to first reduce its chances of being hit by ransomware, phishing, or other cybersecurity attacks. Secondly, validate backups and disaster recovery plans are current and functioning in case you end up hit with ransomware. CyberHoot recommends the following best practices to avoid, prepare for, and prevent damage from these attacks:

• Adopt two-factor authentication on all critical Internet-accessible services
• Adopt a password manager for better personal/work password hygiene
• Require 14+ character Passwords in your Governance Policies
• Follow a 3-2-1 backup method for all critical and sensitive data
• Train employees to spot and avoid email-based phishing attacks
• Check that employees can spot and avoid phishing emails by testing them
• Document and test Business Continuity Disaster Recovery (BCDR) plans
• Perform a risk assessment every two to three years

Start building your robust, defense-in-depth cybersecurity plan at CyberHoot.

Related Terms: Authentication, Compromised Credentials, Password, Two-factor authentication

Source: NICCS Glossary

If you would like to learn more about this topic, watch this short video:

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

• Blog
• Cybrary (Cyber Library)
• Infographics
• Newsletters
• Press Releases
• Instructional Videos (HowTo) – very helpful for our SuperUsers!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.