Summary
This chapter covered quite a bit, so why not recap? We initially covered identity: what it is, how to assign unique identities, and how to protect them. Each user should have a unique identifier and password to protect online service accounts. We also took this a step further and introduced MFA, which further protects the identity from being compromised while providing enhanced validation or proof that the identity belongs to a specific user. Securing data on disk, in transit, and in use was also discussed. These technologies utilize some form of encryption, whether that is utilizing full-disk encryption or TLS for in-flight data transactions. We also discussed the need to protect information resident in memory so that adversaries do not gain access to it while the file is opened or in use.
Backups were also discussed and their need to be secured and encrypted. Backups contain all of your information, from every IT resource, so extra care should be taken when considering...
