Why investing in identity access management is a must-do in a time of remote working
This is a guest post by Shahrokh Shahidzadeh, CEO at Acceptto
These past two months have been among the most extraordinary times any of us can remember. The COVID-19 (CV-19) impact is all around us, indiscriminately impacting all of our lives, our work, the economy and for sure we are on the onset of a new normal that we are learning how to deal with daily.
There are always two stages of dealing with a change of this magnitude. First, we react immediately, thinking about what we must do differently now. Soon, we will begin to think in the longer term, reacting to and planning for permanent changes that result from the CV-19 pandemic.
First, the CV-19 pandemic has aggressively pushed companies to question the rules for how business should be done, particularly as it relates to granting access to corporate resources to employees who are mostly now working remotely due to “shelter in place” requirements.
Now, security and IT administrators may be finding themselves wondering if now is the time to continue to rely upon decades-old technology that has been proven time and again to be breeding ground for cybercrime.
The Chief Information Security Officer (CISO) is on the front lines, not only firefighting for the security of their respective businesses but also planning, learning what we must do differently as we transition into managing the long-term impact of the CV-19 pandemic.
We can already predict the danger in the dramatic increase in BYOD devices. As new phrases like social distancing and shelter in place are now part of our daily vocabulary, syndicated cybercriminals are leveraging the fact that most employees will have to use their personal equipment to work.
Prioritizing Identity Access Management
Priority #1 is securing the remote work force. CISOs must take a hard look at their company’s Identity Access Management (IAM) strategies. IAM products provide IT managers with tools and technologies for controlling user access to critical information. They make sure the employee is who they say they are by making sure the right online credentials access the right resources/assets at the right time, establishing source of truth and trust.
What makes Next Generation IAM a priority over other security tools in today’s remote work environment? Here are few key considerations CISOs should be making as they prepare for both the crisis at hand and the future afterwards:
1. Invest in Passwordless: The 2019 Verizon Data Breach Investigations Report (DBIR) reports that 80 percent of hacking-related breaches are tied to passwords. That’s right, we’re talking about the ubiquitous password that most companies still rely upon as their sole means of authentication and authorization. We may not be able to see change overnight, but now is the time to make passwords benign.
2. Invest in detection, recognition and analytics: In 2019, IBM reported that the average time to identify a breach was 206 days, just over 6 and a half months. The risk now, brought on by the dramatic increase of BYOD as a result of COVID-19, is surely much greater.
Measure the efficacy of the solution in providing insights into analytics and whether it can monitor and report anomalies in user behaviours at runtime. It is key to choose a solution that can provide actionable insights in real-time and take appropriate actions to contain harm once a policy break has been detected.
3. Invest in smart multi-factor authentication (MFA) not legacy binary 2FA/MFA: Multi-factor authentication often imposes significant friction through a variety of temporal (e.g., OTP, captchas, reset links) and binary controls that have still proven to be ineffective safeguards against techniques such as credential stuffing, SIM swap, and identity spoofing. However, modern smart MFAs include sophisticated algorithms that use artificial intelligence and machine learning (AIML) to make access management secure and frictionless by detecting threat actors’ risky behaviour, preventing fraud at inception. When selecting your “smart” MFA:
Execute for now and plan for flexibility in the future. Your selection should address immediate needs, but must include paths to modern modular technologies that will support all your future needs. This means a solution that supports:
a) IAM and CIAM needs
b) Offers On-premise, Cloud and Hybrid
c) Covers all three vectors of mobile, web and workstations
d) Allows for interoperability.
e) Offer Configurable Smart Out Of Band Delivery
4. Invest in a solution that offers integrated Risk Engine and flexibility to ingest data from your whole security stack to keep up with the changing threat surface. Invest heavily in a Risk Engine and data analytics tool that is capable of ingesting data from various risk sources. These sources include device and browser trust, mobile analytics, SIEM, DLP, UBA, discrete application policy orchestration tool, usage fingerprint, network threat intelligence, data encryption and hygiene tools etc.
5. Invest in an IAM solution that offers device and browser root of trust: While companies consider the consequences of working from home including systems access, internal IT infrastructure access, bandwidth costs and data access, CISOs must onboard BYOD devices and associated browsers to classify them as “Known Somewhat Healthy” devices with a discrete ability to evaluate their hygiene, while also instituting a “Get Well Plan” to safeguard against hidden new threats. New threats that come with all these potentially infected personal devices that are now on the network, unprotected.
About the author
Shahrokh Shahidzadeh leads a team of technologists driving a paradigm shift in cybersecurity through Acceptto’s Cognitive Continuous Authentication.
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.