A Data Breach Risk Assessment Checklist

When it comes to data security, there’s no such thing as too big to fail. Chances are, if you’ve switched on the news recently you’ve heard of at least one high-profile data breach. Perhaps of even greater concern is that a few large organisations have fallen victim to multiple data breaches in the past few years. This is a surefire sign that corporate security practices are not evolving fast enough to outpace the increasing sophistication and ambition of attacks.

Safeguarding against compromised credentials

Stolen credentials arising from reused passwords and phishing attacks pose the most significant data breach risks these days. While it’s important to educate your workforce, it’s also crucial to realise that phishing lures have become so sophisticated and personalised that they are almost impossible to identify. Good password hygiene and security training alone will only get you so far.

It’s important to back these initiatives with effective identity and access management (IAM). Instead of relying on security controls at your perimeter, you should focus on identity-driven security that accurately identifies people as the new perimeter. You’ll then be able to take an approach that Gartner calls continuous adaptive risk and trust assessment—in other words, evaluating the threat of activities in real time.

We’ve put together a checklist that identifies some of the top causes of data breaches and suggests steps you can take to secure your organisation and keep your people safe.

A checklist for identity success

1. Centralize identity and access control

First, reduce the complexity of account management by making use of a single IAM solution.

  • Passwords will likely still be a reality in your organisation, but make sure users have strong, unique passwords. Single sign-on solutions free users from having to juggle multiple usernames and passwords, which in turn makes it less likely that they’ll use simple or recycled passwords.
  • Aim to go passwordless completely. We’re finally at a stage where we can say goodbye to simple usernames and passwords and adopt authentication that’s more secure.
2. Adopt strong authentication

Using knowledge factors, like passwords and security questions, means you’re vulnerable to data breaches via stolen credentials. Authentication should be based on possession or biometric factors.

  • Adopt Multi-Factor Authentication (MFA) and consider the factors that best suit your organisation
  • To reduce login friction, it’s important to base these factors on the context of a login request—the location, device, and network associated with it. When the risk associated with a request is high, the solution will prompt for a factor with a higher assurance level
  • Use step-up authentication for critical systems and apps, regardless of the context of a request
  • Create unified policies across your on-premises and cloud apps to ensure that a single oversight doesn’t lead to a breach
3. Reduce your attack surface

The easier it is to see exactly who has access to what, the less the chances of a data breach.

  • Create a dedicated space to manage access and permissions for all your users, groups, and devices
  • Automate provisioning, onboarding, and other tasks to reduce IT’s workload and prevent human errors that naturally come with administrative tasks
  • Set up reports that flag orphan accounts, unassigned users, and other anomalies that could signal or lead to a data breach
4. Be ready to respond
  • Proactive responses prevent data breaches. Use all the information at your disposal to respond to red flags.
  • Set up centralised, real-time reports for all authentication events—get your team ready to deal with any unusual and suspicious behaviour
  • Integrate your identity management strategy with existing security information and event management (SIEM) solutions. Okta solutions can be combined with software like Splunk to offer detailed insight into network activity and prepare you to respond quickly

Found this helpful? Read Checklist: 12 Key Steps for Protection Against Data Breaches for more proactive steps to prevent data breaches.