Securing identities and granting access
Securing identities and granting access are critical functions for a security program. It is always your responsibility to grant access to systems and information to identities and to build controls to ensure the people requesting access through a login are who they say they are. We discussed Multifactor Authentication (MFA) in Chapter 4, Protecting People, Information, and Systems with Timeless Best Practices, so we will not discuss it in depth during this chapter. However, we will briefly discuss the importance of verifying identities.
Verifying identities
It is important for every organization to have the ability to identify who is requesting access and to verify they are who they say they are. In a world where most people access resources remotely, and many resources are accessible from anywhere because they are cloud based, it is more important than ever to verify identities. Also, with the prevalence of password theft, MFA is a critical...