
Creating a Security Program for Small to Medium Sized Businesses
1. Embrace Single Sign-On (SSO) SSO simplifies access and enhances security. Decide on an IdP (Identity Provider) early on and use that provider with every vendor your business integrates with. Some examples of IdPs are Google Workspace, Auth0 and Microsoft just to name a few. 2. Insist on Multi-Factor Authentication (MFA) Implement MFA wherever possible, avoiding SMS-based methods due to their vulnerability to SIM swapping attacks. For enhanced security, consider hardware factor authentication options such as biometric scanners, including Touch ID or fingerprint recognition, and physical security keys like YubiKey....