Can focusing on access and identity provide a security boost to your business?
It has become a well-established view within the technology industry that, when it comes to cyber security, humans are the weakest link.
Security software has never been more advanced or more readily available, but it all counts for nothing if an employee lets in an attacker after falling for a phishing email, or works as a malicious insider to steal company secrets.
With this in mind, Tom Kemp, CEO of Centrify corporation, believes organisations need to focus more on user access and identity if they want to secure their data in what he calls the ‘age of access’.
Speaking at cyber security conference RSA 2017 in San Francisco this week, Kemp explained that, as employees often depend on public Wi-Fi networks to access business documents, it has become just as important to secure the user as the device itself.
“Should we not leverage biometrics on the device so I don’t have to type in a password when someone else is sat next to me,” he said. “Should we not actually have an analysis of my behaviour?
“People often ask me ‘will focusing on identity provide a material impact to my business?’ I can tell you the answer is yes.”
Kemp identified four steps that organisations need to go through to become more mature from an identity perspective.
The first is to establish identity assurance, which “at a base level means implement multi-factor authentication everywhere, not just for your VPN, but for your email, your apps, your network, your databases”.
It also requires the consolidation of identities, i.e. reducing the number of passwords and identities a user has through the likes of single sign-on software and the integration of biometric authentication which is often now readily available on consumer devices.
The next step is to limit lateral movement by implementing processes such as access approvals, followed by enforcing the rule of least privilege. We have workflows associated with normal apps such as booking holidays and purchase orders, Kemp explained, so why do we not have workflows for access?
And the final step: “Capture everything”. Logging and monitoring should be thought of as a security camera on your servers and applications and be treated with the same importance as security for your home.
“You can actually significantly decrease the number and extent of the breaches that you’re facing by addressing the new attack vector which is too many passwords, too much privilege,” Kemp said.
“Give people single click access to their applications, leverage SSO protocols, leverage multi factor authentication and your users will be more productive, you can adopt new cloud technologies a lot faster and start reducing the number of breaches.”