Large-scale breaches, such as the recent Snowflake incident, highlight the importance of a strong identity security posture. In light of that incident (and the controls Snowflake subsequently implemented in response), it is worthwhile to step back and review the critical steps your organization should take so that it is not left vulnerable to a breach.
1. Ensure Multi-Factor Authentication (MFA) is enabled, and no bypass is possible.
Zilla recommends enabling MFA across all business-critical applications, including systems with customer data, finance data, and audit-susceptible systems. For the strongest security, enable MFA wherever it is configurable. This step is a fundamental prerequisite for a strong Identity Security Posture.
2. Maintain admin credentials in a secure password manager.
While SSO is a best practice, most organizations do not pay close attention to admin credentials that are intended for “break glass” purposes. Therefore, it’s crucial to also maintain admin credentials in a secure password management system to ensure continuity and control of privileged access.
3. Conduct a service account review.
Improperly managed service accounts pose a significant risk as organizations accumulate increasing numbers of users, apps, and shared service accounts. It is important to conduct regular reviews of these accounts to validate their necessity and integrity. For example, experimental projects that were done 2 years ago often continue to have active service accounts in the environment that can be exploited.
Even by doing just these three things — enabling MFA, maintaining break glass admin credentials in a secure password manager, and conducting a service account review — your security posture will improve tremendously. The high-profile Snowflake incident is a good opportunity for security teams to get buy-in from internal stakeholders to implement these controls. Furthermore, these steps are simple and will not pose an undue burden on your application owners.
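As an added illustration (not Zilla's code or any product's export format), the three checks above can be run over an exported account inventory. The field names, the sample accounts and the 90-day staleness threshold are all assumptions made for this example.

```python
from datetime import date

STALE_AFTER_DAYS = 90  # assumed review threshold; the article does not give one

# Constructed inventory; field names are hypothetical, not a real export schema.
ACCOUNTS = [
    {"name": "alice", "kind": "human", "mfa": True, "mfa_bypass": False},
    {"name": "bob", "kind": "human", "mfa": False, "mfa_bypass": False},
    {"name": "carol", "kind": "human", "mfa": True, "mfa_bypass": True},
    {"name": "bg-admin", "kind": "break_glass", "vaulted": False},
    {"name": "bg-admin2", "kind": "break_glass", "vaulted": True},
    {"name": "svc-etl", "kind": "service", "owner": "data-eng", "last_used": date(2024, 6, 1)},
    {"name": "svc-poc", "kind": "service", "owner": None, "last_used": date(2022, 5, 20)},
    {"name": "svc-new", "kind": "service", "owner": "platform", "last_used": None},
]


def review(accounts, today, stale_after_days=STALE_AFTER_DAYS):
    """Return sorted (account, finding) pairs for the three controls."""
    findings = []
    for acct in accounts:
        name, kind = acct["name"], acct["kind"]
        if kind == "human":
            # Control 1: MFA is on, and there is no way around it.
            if not acct.get("mfa"):
                findings.append((name, "mfa_disabled"))
            elif acct.get("mfa_bypass"):
                findings.append((name, "mfa_bypass_possible"))
        elif kind == "break_glass":
            # Control 2: break-glass admin credential lives in the password manager.
            if not acct.get("vaulted"):
                findings.append((name, "credential_not_vaulted"))
        elif kind == "service":
            # Control 3: every service account needs an owner and recent use.
            if not acct.get("owner"):
                findings.append((name, "no_owner"))
            last = acct.get("last_used")
            if last is None:
                findings.append((name, "never_used"))
            elif (today - last).days > stale_after_days:
                findings.append((name, "stale"))
        else:
            findings.append((name, "unknown_kind"))  # unclassified accounts fail review
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in review(ACCOUNTS, today=date(2024, 7, 1)):
        print(f"{name}: {finding}")
```

Accounts that do not fit a known category are reported rather than skipped, so a gap in the inventory shows up as a finding.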
The Zilla security module makes it easy for organizations to implement these critical controls of identity security posture and manage identity security throughout the lifecycle of users and apps. The security module detects when these misconfigurations happen, enabling security teams to be proactive.
Schedule a demo to see how Zilla can help you strengthen and maintain a strong identity security posture.