Data is the new commodity. Protecting that data is tougher because data is everywhere. At ClicData, our business is data and we frequently get asked what data security measures we have in place that can be used to safeguard against unauthorized access. Some of the measures we make available to our customers are not unique to our platform, in fact, they are used by many different cloud platforms for both consumer and business-to-business use.
Here are five features that you should use to prevent any unauthorized access to your company data.
Strong Password Policy
Asking your users to add symbols, numbers and a mix of characters forces passwords to be harder to discover. Ensuring a minimum number of characters and that they change it frequently, every 60 days or 90 days, also ensures that old passwords don’t stay the same for years on end, making it much easier to gain unauthorized access to the account.
IP Whitelisting looks at the user’s IP address and compares it to a list of “allowed” IP addresses to see if this device is authorized to access the account. If your company accesses the internet all via one or a defined set of IP addresses, which is typically the case, then you can add a list of IP addresses that are allowed access. All other IPs will be redirected to a not allowed page.
If your IP address changes frequently, then this method may not be possible, but you can typically ask your internet provider for a fixed IP address, especially if you have employees who work from home.
Single Sign-On (SSO)
If your company employs a centralized user directory, using their directory to gain access makes things more manageable and easier for you. You will only need to remember one password, and if somethig happens, your network administrator can immediately remove access to all your applications in one go. If an employee is on leave or has left the company, you can be sure to disable their account in one step, as opposed to logging in to all the different systems and removing their access individually.
Two Factor Authentication
Two-factor authentication is a great way to make sure that it is really you that is accessing the account. In addition to the usual log in and password, you will need to have another device (typically your mobile device) close by since you will need to enter a code that will instantly be generated for you.
Two Factor Authentication, or 2FA, is becoming very popular and both Google and Microsoft provide mobile apps that allow you to implement this very strong security method in most of your favorite apps. Read more about it here.
Prevention is obviously the first step, but monitoring login attempts and user activities can also provide insight into how best to prevent unauthorized access. For example, if you have logs of unsuccessfully attempted logins for one user, you can initiate an investigation to see if it is indeed the user that simply forgot his or her password, or if someone is trying to hack their way into the account.
All the above data security methods are absolutely needed these days in an age where getting access to data, irrespective of its importance, is a game for hackers. Once an account is breached, the damage done can cost more than just money, especially if you have personal data in your account. So, keep it safe and use most or all of the above methods!