Going Beyond Passwords for Better Security

Security is a broad, complex topic with many different facets. And, of course, security is on the top of the mind for many IT teams. In Kaseya’s 2018 State of IT Operations Survey, 58% of midsize businesses named cybersecurity and data protection as a top priority for 2019.

Password related hacks are one of the leading causes of data breaches, so better access control is becoming essential for effective security. As a result, identity and access management (IAM) has become critical to midsize businesses. For businesses to be agile and competitive, IT teams today are under great pressure to have better security controls for the enterprise in place while streamlining authentication procedures to avoid a decline in user productivity. 

In addition, IT admins, like everyone else, in small and medium businesses have too many passwords to deal with. An increase in endpoints and applications means spending more time managing access to credentials. There has to be a better way!

Passwords Alone are Not Enough

Verizon’s 2017 Data Breach Investigations Report revealed stolen or weak passwords were responsible for 81 percent of hacking-related data breaches. While passwords are unlikely to disappear anytime soon, companies of all sizes must look beyond passwords to secure users’ access to business applications and systems.

One level of security is no longer enough. Multi-factor authentication can prevent data breaches that occur through brute-force, phishing, and social engineering attacks by using more than just a username and password.

Multi-factor Authentication (MFA) 

It is a security system that requires more than one method of authentication to verify the user’s identity for login. 2-factor authentication (2FA) solves the password problem by requiring something users know- typically username + password, and something they have – a token or smartphone app. This 2-step process confirms they are a valid user. MFA adds a layer of security that allows companies to protect against compromised credentials.

Single Sign-On

We all know how much of a hassle it is to keep track of a large number of passwords and then to have to use different passwords to access each of our applications. Single Sign-On solves this problem by allowing a user to use only one set of credentials to login once to an application “launchpad.” From there they have access to all of their standard applications. This saves a lot of time logging in for all of your users.

Privileged Access Management (aka Privileged Account Management)

A privileged user is someone who has administrative access to your critical systems. And, it goes without saying that you only want to give privileged access to those you trust. Privileged Access Management (PAM) tools offer a scalable way to authorize and monitor all privileged accounts across your IT environment. These tools typically let you:

  • Grant access privileges to users only for specific systems, as necessary
  • Grant access only when it’s needed and revoke access automatically at the end of the period
  • Create an audit trail of privileged access activities for compliance purposes

PAM tools usually have a password vault to store all system passwords.

Organizations can have full control over which users and groups can access systems based on their roles. This centralized management, with fine-grained permission levels, provides a high level of defense against intrusion.

Technicians Need a More Effective Way to Access Endpoints

IT admins are responsible for uninterrupted operations of many endpoints and applications. Which means they typically have access to either end-user or admin credentials to log-in to those devices. They may use the password vault to gain access to passwords for end-user devices. One problem with this approach is that all of those passwords must be changed if the technician leaves the company.

Going Beyond Passwords for Endpoint Management

What if your technicians didn’t have to know or have access to any passwords to access end user systems? Kaseya’s 1-Click Access allows secure access to end-user devices for privileged users/admins at the click of a button, without having to know user or admin credentials. This not only saves valuable time but also eliminates the need to change passwords when someone leaves the company.

Stay tuned for more on Kaseya’s 1-Click Access in an upcoming blog.

To learn more about Kaseya’s endpoint and network management solution, request a demo for VSA by Kaseya.

Posted by John Emmitt
John Emmitt has more than 15 years of high technology marketing experience, including more than 10 years in the IT Management software market. John was the manager of the enterprise product marketing team at Flexera, an IT management software and SaaS company serving the Global 2000. At Kaseya, John focuses on marketing our core IT Management products to mid-market enterprises. John holds BSEE and MSCS degrees.
Single sign-on

Single Sign-On (SSO): Ensuring More Secure Logins

Passwords are no longer enough to secure logins to all of our software and systems. According to the 2019 VerizonRead More

Archives

Categories