World Password Day is a timely reminder that password security is a constant effort, not a fixed state, and that passwords must be strengthened with additional capabilities and best practices to ensure malicious actors do not gain access to precious data. The following capabilities are vital for organisations looking to strengthen their data security and data access:
- Multi-factor Authentication (MFA) strengthens platform security by requiring users to verify their identity using more than just a username and password. MFA ensures that users confirm login requests, in addition to entering their passwords, with a unique response that only they can provide, such as a mobile phone challenge or a time-based one-time password (TOTP).
- Role-based Access Control (RBAC) assigns specific privileges based on user roles, reducing data breach and insider threat risks. This prevents employees from overreaching into areas beyond their responsibilities and minimises risk in the event a password is compromised.
- Quorum is an authorisation method that requires approval from at least two individuals, preventing exploitation by a single user or through a compromised credential. This capability means no single compromised account can make unilateral changes or impact business-critical operations.
If malicious actors successfully take over an employee’s account through a compromised password, AI-powered anomaly detection is vital for alerting IT teams to unplanned or abnormal changes in data size or format, as these are often indicative of malicious activity. By detecting anomalies early, organisations can respond either by mitigating potential threats before they escalate or by recovering quickly if an attack is already underway.
Sathish Murthy is the systems engineering lead for Asean and India at Cohesity