Barry McMahon, Senior International Marketing Manager at LogMeIn, explores the ongoing challenges that organisations are facing with identity access management. As well as this, he considers the impact that new technologies have in resolving the problem.
It is no secret that there has been a steep rise in the number of cybercriminals looking to target businesses. They attempt to obtain personal data and intellectual property. Last year, the ICO issued a record breaking total of monetary penalties – 22 fines totalling over £3million to businesses not protecting this data. While new research from Accenture found that the average number of security breaches in the last year grew by 11 per cent, which is a 67 per cent increase over the last five years.
It is one thing to look at the increase in attacks and fine those that are not meeting the challenge of protective data. However, it is another thing to be working on the inside, trying to implement a robust security program.
Not only are businesses struggling with this, they are also faced with the challenge of identity. Today everyone has passwords for more websites and applications than they can remember, but it only takes one weak or compromised password to give a cybercriminal access to data, potentially impacting the whole organisation.
This is only made more complicated by the number of entry points, which is constantly expanding. So, IT teams tasked are stretched thin trying to keep track of and secure cloud apps, unsecure Wi-Fi networks and unknown or personal devices.
This culmination of pressures mean businesses need to find ways to gain greater control over employee credentials. A smart way to do this is through enterprise password management, single-sign-on and multifactor authentication solutions. Implementing these management practices will help safeguard organisations in today’s digital, mobile workplace that requires frictionless access from anywhere you find yourself working.
Also of interest: Podcast - Why can’t we retain the cyber talent that we need?
Identity is the cornerstone of security
Security breaches have felt like a constant in the headlines over the past few years, with many stories leaving a lasting impact on companies and customers alike. Fom Equifax who failed to protect the personal information of up to 15 million UK citizens, to Carphone Warehouse who put 18,000 customers and over 1,000 staff’s data at risk.
Even charities are not immune to security breaches, as the British and Foreign Bible Society experienced when its network was compromised exposing the personal data of 417,000 supporters.
The organisations that often garner the most attention are large, global, household names leading to the assumption that they are the main target for cybercriminals. However, 43 per cent of smaller businesses fall victim to data breaches, according to Verizon’s latest Data Breach Investigations Report.
Passwords are a major contributing factor in many breaches – according to Verizon’s Data Breach Report, 80 per cent of hacking-related breaches used weak or stolen passwords – and the frequent sharing and re-use of passwords by employees creates an even greater risk. According to a recent LastPass survey, 50 per cent of people don’t create different passwords for work and personal accounts.
This can cause many challenges, with IT teams finding themselves backed into a corner as pressure grows to stay on top of the expanding security landscape with limited time, staff and resources. Budgets continue to tighten, so it can also be difficult to defend investment in security tools that can often be seen as a barrier to flexibility and efficiency.
However, IT teams shouldn’t be defeated. They are fighting for the right thing and once they have found a solution that’s cost-effective, boosts security and enables productivity, then it will be worth it.
Also of interest: Cyber-security is dead: Long live digital security
Identifying identity and managing it
Identity solutions can become a secret weapon for many of the issues facing IT teams, while also satisfying fast moving employees and budget conscious management teams. Specifically, identity-as-a-service (IDaaS) brings the flexibility and affordability of the cloud to identity management.
An IDaaS solution is hosted and managed by a third-party service provider and delivers a consolidated view of the access and authentication activity across the whole organisation. This takes some of the stress off IT teams, allowing them to do their job and protect the whole business ecosystem.
The ideal identity solution is made up of many parts – and just as many acronyms – specifically:
- SSO – Single-sign-on, enables users to have just one set of credentials to login to all of their enterprise accounts. This is enabled across multiple applications, to minimise the number of login stages employees need to go through which decreases the amount of time employees spend logging into applications. This reduces the number of passwords in use, in turn reducing the number of help desk tickets for password resets, providing a seamless process and a more secure organisation.
- MFA – Multifactor authentication provides an extra layer of security which requires users to verify their identity with additional factors such as biometrics. MFA incorporates something you are, something you have and something you know, adding an extra dimension that two factor authentication lacks. Leading MFA solutions offer adaptive authentication, building individual profiles for users and adapting authentication requirements to different login scenarios.
- EPM – Enterprise Password Management eliminates poor password habits by creating, storing, and filling in passwords, reducing the password burden on the IT team and freeing up resources for more value-add activities. This allows IT teams to create, manage and enforce password policies across the organisations. The average employee manages nearly 200 accounts, all of which are not necessarily company sanctioned apps. An EPM solution can create secure credentials for all of the apps within an organisation and help to identify ones that the IT team would otherwise not have known about.
Bringing all of these features together under one platform can bolster perimeter security, significantly mitigate risks and bring management of all critical entry points together, in turn, streamlining operations for the IT team.
Also of interest: Do CISOs need an image makeover?
Stacking up the benefits
Combining these three technologies – EPM, SSO, and MFA – into a single cloud-based identity solution addresses many of the issues that both IT teams and employees raise when asked about working with security solutions.
On the IT front, these solutions can be quickly deployed, authentication methods can be enabled, and security policies can easily be set. Additionally, using a cloud-based solution takes away the complexities of managing and working with on-premises system infrastructure.
Both groups are therefore able to seamlessly carry out day-to-day work and responsibilities without the constant worry about identify or interference of clunky security tools.
On the flip side, benefits can be seen outside the walls of the IT team. Employees gain seamless access to accounts without having to remember or find countless passwords, allowing for focus on work, raising output levels and eliminating security problems with password reuse.
IDaaS solutions also give IT teams visibility into user behaviours across apps and devices, so they can update policies and properly manage access in an economical way – ideal for IT teams who are tight on time, resources and funds.
Many businesses find themselves living in the hope that they are not the next to experience a cyber-attack but doing nothing will never be the answer – especially in today’s digital climate. Identity management can be daunting, but with the right tools it can be a key part of staying secure.
Truly understanding what identity means to your organisation and employees is the starting point and then identifying a solution that ticks all the right boxes, within the right budget of course, will be within reach.