Our dynamic digital environments mean that the way in which organizations conceptualize and approach security is shifting. In the last decade, perimeters have become more porous and can therefore be exploited more easily than ever before. An increasing number of cyber attacks now originate from stolen passwords and credentials. In the last two years, 79% of organizations have contended with an identity-related cyber security breach.

In 2021, the Identity Defined Security Alliance (IDSA) and the National Cybersecurity Alliance introduced annual Identity Management Day. This day, held on the second Tuesday of April, is designed to help educate business leaders, decision-makers, vendors, and others about the need for proper digital identity and access management. Organizations with strong identity management practices stand a strong chance of winning against cyber adversaries.

What is digital identity management?

Digital identity management refers to the idea of exercising care and caution in relation to network access, account access, and social media sharing. Failure to safeguard professional and personal account information can lead to grievous cyber security consequences.

“Identity management security is everyone’s responsibility. It requires organized, concerted efforts to achieve comprehensive, uniform outcomes,” says one CISO, who wishes for his identity to remain anonymous.

For example, the Colonial Pipeline attack, which resulted in nation-wide repercussions within the US, began on account of a single compromised password. In other words, it began on account of inadequate identity management practices.

Identity Management Day objectives

Objectives center around raising awareness and reducing business risk. On Identity Management Day, organizations are encouraged to share best practices as they pertain to the theme of identity management and to inspire good IT and security practices.

The Identity Defined Security Alliance celebrated the day by announcing winners of Identity Management Awards. Awardees included companies such as Allstate, Adobe and West-Mark, alongside employee Rajnish Bhatia of Comcast.

Identity Management Day tips

Share these Identity Management Day tips with your colleagues and peers.

For all employees:

  • Enable multi-factor authentication wherever possible
  • Leverage a password manager to safeguard password details
  • Refresh passwords regularly
  • Perform regular software updates
  • Use online tools to see if passwords have been stolen in recent breaches

For IT teams:

  • Adopt a Zero Trust security model
  • Actively scan your websites to search for vulnerabilities that hackers might exploit
  • Reexamine data governance strategies
  • Consider offering awards to those who have had a major, positive impact on identity management
  • Recognize an amazing security team player via an internal announcement

You can also educate your customers, contractors, vendors and others within your ecosystem about Identity Management Day. As an increasing number of entities catch on to this holiday, an increasing number of organizations will establish stronger security safeguards.

Closing thoughts

Join the mission to promote good identity management practices. As the number of advanced persistent threats increases, organizations need to advance identity management practices and policies. Weak or inadequate identity and access management can needlessly place organizations in harm’s way. Make your organization more secure this year.

Share information about Identity Management Day with your colleagues and peers. Check out the Identity Defined Security Alliance’s video clip here. Lastly, to receive cutting-edge cyber security news, insights, best practices and analyses in your inbox each week, sign up for the CyberTalk.org newsletter.