by Dan Newton
Securing your network can be a crazy and scary proposition… and it’s one of the IT tasks that is never completed.
With the advent of cloud computing, the security landscape has expanded and with it, new opportunities. One of these opportunities is to leverage the cloud for “Identity and Access”. I think right now Identity is the cloud’s killer app. With Microsoft’s Azure AD and Amazon AWS Directory Service, CIOs have a huge tool that can go a long way in preventing the security breaches that have made headlines over the last few years.
Azure and AWS support multi-factor authentication (MFA), which means in addition to the standard username\password, users are required to have an additional bit of information to validate/authenticate. For example you can setup a user’s cell phone that will be sent a SMS (txt message) with a validation code that must be enter after the user as authenticated with their regular username and password. This system allows for other means of authentication as well (phone call for example), but the key is that we are seeing security no longer being reliant on username\password as the “key” to access.
In addition to MFA, Azure and AWS can allow users to reset their user passwords… lowering the number of helpdesk calls. A hacker may have guessed that my password is my dog’s name… but he can’t guess the validation code the is randomly generated.
If you have looked into extending your user’s “Identity and Access” into the cloud, then you perhaps you should.
Until next time!