How can IT teams help businesses navigate the next security storm?
Over the past few months, IT teams have often been the unsung heroes of the kitchen table office. During this time however, a rise in cyber attacks has been a major concern, with those targeting home workers exploiting ‘anywhere’ technologies such as email, VPN and cloud services in particular.
Guest blog by Ben Bulpett, EMEA Director, SailPoint
This has been no coincidence. The shift to remote working has made it more difficult for IT teams to monitor the enterprise security perimeter, with hackers looking to take advantage of multiple user access points. And with significant changes taking place in the workforce, how can any IT team be sure who has access to what anymore?
For many companies, security and compliance gaps have surfaced in the rush to maintain business continuity, and it’s crucial these issues are resolved to ensure business survival. As organisations brace themselves for new economic challenges, identity governance is one of the tools that can help them navigate the next impending storm - which may in fact be one we’re already familiar with…
In a July survey of EMEA IT experts, SailPoint found 86% believe that monitoring for cybersecurity threats will actually become more challenging in the next 18 months. This is in part due to the fact that the number of ‘SaaS’ tools in enterprises is expected to be increased even further.
Many companies are already rethinking their IT infrastructures to reflect lessons learned from the IT challenges of lockdown. Could there now be another security storm on the horizon, fuelled by an exponential growth in user types, apps and access?
Gaps in security and compliance
Storm clouds have been brewing while we’ve been in lockdown, and it’s imperative IT leaders recognise these and take action. When lockdown was imposed, IT security teams responded with ‘break glass’ approaches to get employees up and running from home. Time was not a friend, and the bar to cross was ‘functional’ and not ‘optimal’. One of the risks of this approach is the shortcuts being taken and access being provisioned freely. Have we really been able to audit access and who has been doing what over the past few months?
Prior to the pandemic, organisations may have got away with basic access management and provisioning. But after the rush of getting the workforce functioning remotely, security and compliance gaps are now likely to surface.
Managing dynamic change in the workforce
When we consider the dynamic changes in the workforce that have also occurred as a result of the pandemic, an even bigger problem emerges.
From reduced hours, to furloughing, to redundancies, the COVID-19 crisis has forced many organisations to restructure their workforce. As the economy slowly reopens, many are returning as contract workers, and those coming off furlough might see their job responsibilities change in order to help meet shifting business needs. In the near future, we may see a gravitational shift toward zero-hour contracts, so that companies and governments can prepare in the event of a second wave of the pandemic.
So, how effectively are the identity management systems able to cope with this change in the workforce?
Protecting the security perimeter
Whether employees continue working from home, return to the office with different responsibilities, or enter into a contract-based role, identity governance plays a crucial part in protecting the enterprise’s security perimeter. Through this, IT teams can speed up the process of enabling and securing their users’ access to key applications, data, and infrastructure, pivoting quickly as the business’ and users’ needs change.
And importantly, with these processes in place, businesses can readily prove that they not only know who has access to what, but whether their users should have that access and how that access is being used. This insight is critical to both compliance and security efforts today.
Here are some key steps when it comes to navigating the storms ahead, with an identity-based approach at the core:
- Verify your identities and ensure that your access polices are robust and open to scrutiny. No one will forgive a breach because you ‘broke the glass’ to accommodate remote working - positive governance is essential.
- Ensure appropriate in-app permissions, gate access based on real-time analytics, and monitor and control user actions. Use machine learning and the latest artificial intelligence tools to manage this across both your on-premise and cloud applications.
- Move from a perimeter-based data protection to an identity data-driven process. Use identity to identify the owners of the data and the platform to intelligently classify and label data. This should be for all structured and unstructured data.
- Only when you have plotted your access policies, addressed application permissions and achieved complete protection of your data can you navigate successfully through the current storm.