Ransomware situation: preventative medicine against the primary source of intrusive breaches and cyber theft

Studies show most breach incidents occur from exposing vulnerabilities from past or current employee access rights. Second most common strategy for the hacking bad guys...is phishing. Duping a user to click on a toxic email.

Consider IDdriven preventative medicine against the primary source of breaches.

Employee Access Control and Access Governance would provide a high degree of mitigation against breaches and subsequent ransomware/ransom attacks. This current attack is expected by all accounts, to be more severe than is felt at this moment in time. We'll see as it unfolds but experts suggest it's extensive. Increase security through Access Controls and Access Governance, the best line of defense, surrounding your employee directory.

Questions to ask thyself: Do you have access controls in place at your Company ? If you are an MSP, are your clients seeking IAM cloud solutions ? Do you know the market of products ? Do clients use Office365 ? Can reports be generated summarizing which staff has access rights, is assigned to what software licenses or who gets access to any other resources within your extended IT universe? Do you have an organized Directory or Active Directory where each user is supposed to be there aka is it spring cleaning time in your AD? Generate Reports by licenses, by user, groups or role? Automated life cycle management ? Do you have or need governance procedures ? Do you attest to or certify users access and license rights regularly (clients have ranges of no requirement to quarterly, twice annually or annually) >> to meet ISO27000, Sarbanes Oxley, HIPAA, SOC, PCI, NYS Dept of Financial Services cyber security and other mandates.

IDdriven = Access Controls and Access Governance as a Service, built and residing in Azure Multi Tenant.