[BreachExchange] Are you also keeping your front door open for hackers?

Audrey McNeil audrey at riskbasedsecurity.com
Fri May 5 10:07:01 EDT 2017


Did you know most of the cyber attacks that happened in the past few years
used the stolen credentials of users to enter through the front door of
their business? Crossing this front door shouldn’t be this easy, but
with new trends coming up every day in IT, proper access management becomes
a complex task. The world is going digital like never before, resulting in
a growing number of new apps coming up every day. Not to mention the new
groups of users in the form of customers, employees, partners and
contractors, each with their own access levels, specific to the
applications they want to use.

Another reason is the huge shift towards mobile and cloud based adoption.
The distinct boundaries between enterprise solutions have been blurred by
this adoption trend and thus gave birth to separate mobile and cloud based
access controls. The whole scenario has left organizations with fragmented,
unstructured and heterogeneous access management solutions. This makes them
more vulnerable to cyber threats due to the lack of more robust and uniform
security policies.

But don’t worry! It is never too late. All’s not lost. All that businesses
need is a robust access management solution that can not only eliminate the
access control complexities but also impose high level security policies.

How can you keep your front door closed and protected from hackers?

A robust access management solution must have the following capabilities:

It should work for both desktop as well as mobile

Gone are the days when the sole purpose of an access management solution
was to manage a single type of interaction, i.e. a web browser or a single
app. It is estimated that the number of global mobile users is going to
reach 6.1B by 2020. Every year more and more users are accessing
sensitive data via their mobile phones, tablets and smart devices.
Moreover, the growing API ecosystem is making it easier to offer a smooth
experience across all of these platforms.

While the trend of going mobile is at its peak, what businesses are totally
ignoring is the vulnerability this trend is bringing along. Traditional
access management solutions are no longer capable of managing this
security, so after one security failure businesses will be on the verge
of losing their precious data. In order to impose robust security and
centralization, there is a need for an access management solution which
is capable of creating and managing policies across the channels.

It should support adaptive authentication

Do I even need to say that the username-password combination is no longer
strong enough to keep you safe from hackers? But again, you can’t implement
high security policies everywhere since it will ruin your customer
experience. In order to strike a balance between security and customer
experience, businesses must move from an “always on” to a “risk based”
approach. Instead of imposing high security everywhere, interaction
conditions should be analyzed in order to determine the risk level. Want to
know how it works? Read on!

For example, if a user is trying to access a website from an unusual
location or device, you can step up security by adding an additional level
of verification. This can also be done on the basis of the type of resource
the user wants to access. If the process is related to fund transfer,
stepping up security is a must.

Adopting an adaptive or risk-based approach makes sure that only the
authorized person gets access and, at the same time, it eliminates the
frustration caused otherwise.
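
The risk-based decision described above, as an added example that is not
part of the original article. The resource name, device IDs and country
codes are constructed for illustration, and the policy (any unusual signal
triggers step-up) is an assumption.

```python
from dataclasses import dataclass, field

# Hypothetical resource names that always require extra verification.
STEP_UP_RESOURCES = {"fund_transfer"}

@dataclass
class UserProfile:
    known_devices: set = field(default_factory=set)
    usual_countries: set = field(default_factory=set)

@dataclass(frozen=True)
class AccessRequest:
    device_id: str
    country: str
    resource: str
    password_ok: bool

def evaluate(profile, req):
    """Return (decision, reasons); decision is 'deny', 'allow' or 'step_up'."""
    if not req.password_ok:
        # Step-up never substitutes for the primary credential check.
        return "deny", ["bad_credentials"]
    reasons = []
    if req.device_id not in profile.known_devices:
        reasons.append("unusual_device")
    if req.country not in profile.usual_countries:
        reasons.append("unusual_location")
    if req.resource in STEP_UP_RESOURCES:
        reasons.append("sensitive_resource")
    return ("step_up" if reasons else "allow"), reasons

def record_step_up(profile, req):
    """Call only after the additional verification succeeded: the device and
    location become known, so ordinary requests are not challenged again."""
    profile.known_devices.add(req.device_id)
    profile.usual_countries.add(req.country)

if __name__ == "__main__":
    alice = UserProfile({"laptop-01"}, {"US"})  # constructed sample profile
    new_phone = AccessRequest("phone-77", "DE", "dashboard", True)
    print(evaluate(alice, new_phone))   # challenged: new device and location
    record_step_up(alice, new_phone)
    print(evaluate(alice, new_phone))   # same context is now allowed
    print(evaluate(alice, AccessRequest("laptop-01", "US", "fund_transfer", True)))
```

A fund transfer is challenged even from a known device and location, while
routine access from a familiar context passes without extra friction.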

It should support federated access

There is no doubt that a cloud based SaaS (Software-as-a-Service) solution
can be a great help in enhancing security and reducing expenses. Moreover,
new heights of collaboration can be achieved if businesses start granting
each other’s users access to their own resources based on the established
trust. But many businesses don’t notice that these relationships can lead
to a huge access management challenge. The reason is that security admins
always prefer to maintain synchronized and current user lists across the
ecosystem and in many cases, cross-domain user administration is almost

In this scenario, the need arises for an access management solution that
can support federated identity access. This way, users can bring their own
identity with them (either from the organization or from social ID
providers). If the access management solution comes with federation
support, the benefits can be extended with the above two features.
Moreover, users need to authenticate only once for both in-house and cloud
services, thereby saving time and eliminating password fatigue.

Wrapping up

By adopting an access management solution that provides centralized access
and supports mobile, adaptive authentication and federated identities,
businesses can sort out the huge web of applications. A robust access
management solution with the above mentioned qualities will impose security
without interfering with user experience. Lastly, such an access management
solution will keep your door closed to the ever hungry cyber criminals.