Recent hacks threaten the data of companies and governments around the world. The importance of maintaining proper cyber security cannot be emphasized enough. In a recent article on their blog, OneLogin- a cloud-based identity management company– advises companies on basic methods for beefing up their cyber security. They give advice on topics such as board member admission and employee best-practices training.
OneLogin advises that companies need to begin screening for new board members partly based on an applicant’s ability to comprehend basic cyber security principles. This means that board members should be able to read, understand and explain technical concepts. From the point of view of oneLogin, it seems that one cannot guard against something that one cannot understand. And if this statement holds true, then hackers might have already compromised the data of half of the companies in America at this point. This statement can be supported by various successful cyber attacks on branches of the government like the Office of Personnel Management. The fact of the matter is that most companies do not screen their board members for technical understanding. The rise of software engineers -and a requirement for basic technical understanding in the workplace- in America is a fairly new phenomena. Unfortunately, the rise is at least a decade later than it should be, and companies are paying for this tardiness in data breaches and bad publicity.
The article also advises that companies begin to train employees on basic password creation techniques to prevent bad actors such as hackers from automating through basic literary combinations in order to guess an employee’s password. One low-quality password could open up an entire company’s data to a break that would cost millions after lawsuits and bad PR.
OneLogin seems to have some bite behind its bark. The company employs a User Provisioning feature in its suite of products which serves to help company technical teams properly shutdown employee accounts and access to internal applications. The product automates a lot of mundane procedures and lowers any potential human error by the technical team when walking through an account-shutdown procedure.