by Rebeca | Feb 16, 2022 | cybersecurity, soffid
At the heart of remote cybersecurity is Privileged Access Management (PAM). It’s the protection around sensitive and privileged user accounts, which are the crown jewels for cybercriminals. For the channel, PAM creates a new revenue stream and further business opportunities with their customers. It is true that having unrestricted access to clients’ IT estates is part and parcel of being a service provider, but it does pin a huge target on their backs.
Offering comprehensive PAM solutions will enable channel partners to secure, manage and monitor access to their own privileged accounts as well as those of their clients, keeping the most valuable keys to their network safe.
Remote working is here to stay, and the channel is pivotal in supporting organisations in their efforts to maintain the best protection against cyber attacks, whether they’re adopting a hybrid or a fully remote working model. Channel partners have a rich portfolio of security solutions. They are in the ideal position to facilitate these flexible models and provide organizations with seamless IT support, because they need to connect workers securely, irrespective of their location.
Privileged Access Management can provide partners with greater security not only for their clients but for their own accounts too.
In today’s cyber environment, stolen and misused privileged accounts can be used to inflict tremendous damage, as can the access they provide to sensitive and critical data and hosts.
Implementing a Privileged Access Management (PAM) tool
Implementing a PAM tool reduces the likelihood of privileged credentials being compromised or misused in both external breaches and insider attacks. Such tools also help reduce the impact of an attack when it occurs, because they radically shorten the time during which the organization is unaware that it is under attack or being subverted. Cloud security, anomaly detection, and securing the software development life-cycle can also be addressed with a PAM tool, as can regulatory compliance and operational efficiency.
PAM solutions need to be aware of not only who a user is, but also to which resources they should be granted privileged access. To enhance security even further, strong PAM solutions tend to have their own layers of security capabilities. That is, they will have the ability to limit user access not only by role, but also by other factors, such as time and location. This ensures that even an authenticated user only sees the specific resource being accessed, and only when appropriate.
As a quick example, a given user has privileged access to a server to perform an upgrade because they have the server administrator role. But the PAM administrators might also limit that privileged access, for business reasons or simply as a security practice, by granting a two-hour window starting at midnight, for example.
Outside of that time frame, even with the login credentials, the user won’t be able to access the server for good or malicious reasons.
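The access decision described above (role, then time window, then location) can be sketched as follows. This is an added example, not Soffid code; the `Grant` structure, the resource name and the network range are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta, timezone
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Grant:
    role: str                 # role that carries the privilege
    resource: str             # the single resource this grant exposes
    window_start: time        # local wall-clock time the window opens
    window_length: timedelta  # how long it stays open
    tz: timezone              # zone the window is defined in
    networks: tuple           # CIDR ranges a session may originate from


def in_window(grant, now_utc):
    """True if now_utc is inside the grant's daily window, including
    windows that started yesterday and run past midnight."""
    local = now_utc.astimezone(grant.tz)
    for days_back in (0, 1):
        start = datetime.combine(local.date() - timedelta(days=days_back),
                                 grant.window_start, tzinfo=grant.tz)
        if start <= local < start + grant.window_length:
            return True
    return False


def decide(roles, resource, source_ip, now_utc, grants):
    """Deny by default; allow only if one grant passes every check."""
    reason = "no matching grant"
    for g in grants:
        if g.resource != resource or g.role not in roles:
            continue
        if not in_window(g, now_utc):
            reason = "outside time window"
            continue
        if not any(ip_address(source_ip) in ip_network(n) for n in g.networks):
            reason = "source network not allowed"
            continue
        return True, "granted"
    return False, reason


# Constructed sample policy: upgrade window 00:00-02:00 in UTC+1.
CET = timezone(timedelta(hours=1))
GRANTS = [Grant("server-admin", "srv-upgrade-01", time(0, 0),
                timedelta(hours=2), CET, ("10.20.0.0/16",))]

if __name__ == "__main__":
    now = datetime(2022, 2, 16, 23, 30, tzinfo=timezone.utc)  # 00:30 local
    print(decide({"server-admin"}, "srv-upgrade-01", "10.20.5.9", now, GRANTS))
```

The window is evaluated in the zone it was defined in, so a session at 23:30 UTC is inside a midnight window set for UTC+1, and valid credentials presented outside the window are still refused.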
Multifactor Authentication (MFA) & Privileged Account Management (PAM)
If a user has successfully authenticated to the system, the PAM system will provide the user the privileged access they have been granted. Of course, that’s entirely appropriate, when the user is who they say they are. At the same time it is potentially disastrous when a privileged user within the system is not who they say they are.
Strong PAM solutions have safeguards to protect against this very situation. Session management tools, for example, will alert the security team (or automatically kill the session) when the activity undertaken by a privileged user is outside of defined parameters. One possible case might be a so-called database administrator who suddenly starts rapidly executing a large number of queries against multiple databases.
But what of the case where a hacker has stolen a DBA’s credentials, gained entrance to the system, and then undertakes activity which does not raise alarms, such as running an occasional query as the legitimate DBA might do?
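The session-management safeguard described above can be illustrated with a sliding-window rule over query events. This is an added example, not taken from any PAM product; the thresholds, session names and event format are assumptions, and the event data is constructed.

```python
from collections import defaultdict, deque

# Assumed thresholds: more than 20 queries touching at least 3 databases
# within 60 seconds counts as outside "defined parameters".
WINDOW_SECONDS = 60
MAX_QUERIES = 20
MIN_DATABASES = 3


def monitor(events, window=WINDOW_SECONDS, max_queries=MAX_QUERIES,
            min_databases=MIN_DATABASES):
    """events: iterable of (timestamp_seconds, session_id, database).
    Returns {session_id: (timestamp, queries_in_window, databases_in_window)}
    for the first moment each session crosses both thresholds."""
    recent = defaultdict(deque)   # per-session queries still inside the window
    alerts = {}
    for ts, session, db in sorted(events):
        q = recent[session]
        q.append((ts, db))
        # Drop queries that have aged out of the sliding window.
        while q and q[0][0] <= ts - window:
            q.popleft()
        databases = {d for _, d in q}
        if (session not in alerts and len(q) > max_queries
                and len(databases) >= min_databases):
            alerts[session] = (ts, len(q), len(databases))
    return alerts


def sample_events():
    """Constructed data: one bursty session and one low-and-slow session."""
    dbs = ["hr", "finance", "crm", "billing"]
    burst = [(1000 + i, "s-burst", dbs[i % 4]) for i in range(30)]
    slow = [(1000 + 600 * i, "s-slow", "hr") for i in range(10)]
    return burst + slow


if __name__ == "__main__":
    for session, (ts, n, d) in monitor(sample_events()).items():
        print(f"ALERT {session}: {n} queries on {d} databases by t={ts}")
```

The burst session is flagged at its 21st query, while the session that issues one query every ten minutes never crosses the threshold, which is the gap the passage goes on to address with MFA.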
How do MFA and PAM work together?
This is the kind of situation that MFA and PAM solutions avoid when they work together. In this way they provide a true layered defense. Where strong PAM solutions excel at providing only the appropriate access to privileged users, a strong MFA capability ensures users are who they say they are before they get to the point of being granted privileges.
It’s a layered strategy that truly helps security teams and administrators create a defense-in-depth. It is a solid way to increase the cybersecurity of a company. Especially in today’s environments that are subject to constant hacking attempts.
by Rebeca | Feb 10, 2022 | cybersecurity, Resources, soffid
Globalization, easy access to information, exponential growth of immigration and societal diversity, and worldwide political and cultural conflicts: all these phenomena have impacted the threat paradigm of security, which has also been irrevocably changed by domestic and foreign terrorism.
Everywhere you go, organizations are in the middle of some sort of transformation. Whether it’s modernizing the platforms that have been there forever, trying to launch a data center in the cloud, or trying to manage manufacturing or IoT devices more efficiently, the size and shape of our digital footprint is changing. We no longer just have a “digital network”, or “digital services”, we now have an entire “digital ecosystem” and even that keeps expanding.
There’s no denying that we’re living in a time where the cybersecurity threat landscape is increasingly dynamic and complex. The landscape includes cloud-native environments, Infrastructure-as-Code (IaC), containers, secrets management, and remote work.
These new technologies and practices logically require security tooling to help address potential vulnerabilities and respond to threats and incidents when they do occur. However, there is a cost associated with the increased tool introduction and use.
Using multiple security applications results in identity sprawl. When a company uses siloed systems to manage its security risks without synchronizing them all, it creates a different identity for each application user. A few applications do not connect with the central server, forcing organizations to manage multiple identities.
Many organizations using cloud services have to contend with several separate identity management systems. Organizations need to resolve identity sprawl issues to strengthen their cybersecurity and maximize security alerts. As every identity requires different credentials and passwords, it is impossible to keep track of them. Therefore, companies reuse the same passwords and account credentials for every application, exposing them to credential stuffing.
If one of a company’s applications is targeted and breached, the attackers will gain access to the rest of the security applications and then sell this information on the dark web. From here, threats snowball, leaving the organization vulnerable to considerable brute force and hybrid attacks.
Product sprawl wastes many resources as the IT teams have to work overtime on software maintenance and individually train every employee to use all security products. It also wastes valuable time finding, opening, navigating, obtaining vital information, and switching between multiple products.
Product sprawl negatively affects individual and team productivity. When the teams have to operate numerous applications, it reduces the opportunity to work together and stay on the same page. Moreover, the transition from existing tools also becomes impossible as it requires training sessions to get them up to speed with every software.
What about Convergence?
We can define Convergence as the identification of security risks and interdependencies between business functions and processes within the Enterprise, and the consequential development of managed business process solutions to address those risks and interdependencies. This definition captures a significant shift from the emphasis on security as a purely functional activity, to security as an “added-value” to the overall mission of business. This is an important starting point because it essentially changes the way the concept of security is positioned within the enterprise.
Future of Security
Managing the successful convergence of information and operational technology is central to protecting your business and achieving crucial competitive advantage.
Identity Governance and Administration is, and to have effective security must be, that common meeting point of many different security disciplines.
To efficiently and effectively draw the security perimeter, it makes more sense to have a single, holistic view of organizational identities where you can determine policy, view posture, enact compliance, and respond to risk.
GRC (Governance, Risk Management, and Compliance) is the future of cyber security. A well-thought GRC strategy improves security objectives by better decision making, information quality, and team collaboration.
A cybersecurity platform makes it easy to transition new employees without extensive training. As the previous cybersecurity system needs to be manually monitored and tracked, GRC has automated firewalls. High-quality antiviruses and firewalls make businesses more secure, catching and destroying viruses before they breach the central data platform.
For organizations that are already worried about their cybersecurity incident response preparation, the accelerated pace of migration to the cloud brings on new and unique challenges. In an attempt to close these security gaps, organizations spend on the latest cybersecurity tools.
Some special accounts, credentials, and secrets allow anyone who gains possession of them to control organization resources, disable security systems, and access vast amounts of sensitive data. Their power can provide unlimited access, so it’s no surprise that internal auditors and compliance regulations set specific controls and reporting requirements for the usage of these credentials. Interconnected IT ecosystems streamline business processes but often obfuscate core risks that need to be identified, analyzed, and monitored to create an enterprise Governance, Risk, and Compliance (GRC) vision. Soffid is equipped with federation functionalities, privileged account management, low level permits, separation of functions and recertification processes.
Our intelligent analytics continuously monitor for and identify new access risks while providing native connectors with GRC solutions so risk managers can create holistic enterprise risk management strategies.
by Rebeca | Feb 2, 2022 | News, Release, soffid
In today’s digital world, enterprise IT and security professionals are increasingly seeking identity and access management (IAM) services to provide secure and positive customer experiences.
We’re excited to announce the general availability of Soffid 3.3.X, our latest version. The new Soffid release includes security enhancements.
It also includes:
- The possibility of having multiple instances of synchronization servers, each with its own IP address.
- Two web services are created internally:
  - one public HTTPS service to serve SSO clients, synchronization, etc.,
  - and another internal HTTP service to access the monitoring of logs and the system.
JavaMail has been updated for both the console and the sync server.
Improvements have been included for memory management in Java 11.
The Docker version has been improved so that both console and sync server can be run without the Docker user being root.
Console
On the Sync server monitoring page, you can view the status of all the sync server instances.
The organization of columns has been improved on pages with lists, such as Users and Accounts. You can now configure the order with the “Add or remove columns” option.
A disabled group will be displayed with strikethrough, as happens with users and accounts.
At the security level, there is a new authorization to allow enabled and disabled users.
The Access logs page has been improved: session start and end control is better, and the protocol used to connect is now displayed.
An account is blocked for ten minutes if the user enters the wrong credentials three times.
Sync Server
With distributed environments in mind, we have added the capability for each Sync server to auto-generate its own certificate and self-sign it. These certificates will be stored in a Soffid database table to record the relationship between the certificates and the sync servers.
For each synchronization server a certificate will be generated with a validity of two years.
45 days before the expiration date, a new certificate will be created.
15 days before the expiration date, the new certificate will be activated.
It will be mandatory to restart the synchronization server to use the new certificate. If necessary, the synchronization server will restart itself just before the expiration date.
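The rotation timeline above can be turned into a small audit that tells an operator which sync servers should be restarted in a planned window rather than left to restart themselves. This is an added example, not Soffid code; the inventory fields and server names are hypothetical, the data is constructed, and "two years" is taken as 730 days.

```python
from datetime import datetime, timedelta, timezone

VALIDITY = timedelta(days=730)        # "two years"; 730 days is an assumption
CREATE_BEFORE = timedelta(days=45)    # successor certificate is created
ACTIVATE_BEFORE = timedelta(days=15)  # successor certificate is activated


def schedule(issued):
    """Key dates in the life of a certificate issued at `issued`."""
    expires = issued + VALIDITY
    return {"create": expires - CREATE_BEFORE,
            "activate": expires - ACTIVATE_BEFORE,
            "expires": expires}


def phase(issued, now):
    """Where a certificate stands on the rotation timeline."""
    s = schedule(issued)
    if now >= s["expires"]:
        return "expired"
    if now >= s["activate"]:
        return "successor-active"
    if now >= s["create"]:
        return "successor-created"
    return "current"


def audit(servers, now):
    """Flag servers still running on the old certificate after its
    successor was activated, and servers whose certificate has expired."""
    findings = []
    for srv in servers:
        s = schedule(srv["issued"])
        p = phase(srv["issued"], now)
        if p == "expired":
            findings.append((srv["name"], "certificate expired"))
        elif p == "successor-active" and srv["last_restart"] < s["activate"]:
            days_left = (s["expires"] - now).days
            findings.append((srv["name"],
                             f"restart pending, {days_left} days to expiry"))
    return findings


def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)


# Constructed inventory (hypothetical names and dates).
NOW = utc(2024, 2, 1)
SERVERS = [
    {"name": "sync-a", "issued": utc(2022, 2, 10), "last_restart": utc(2024, 1, 10)},
    {"name": "sync-b", "issued": utc(2022, 2, 10), "last_restart": utc(2024, 1, 28)},
    {"name": "sync-c", "issued": utc(2023, 6, 1), "last_restart": utc(2023, 6, 1)},
    {"name": "sync-d", "issued": utc(2022, 1, 15), "last_restart": utc(2023, 11, 1)},
]

if __name__ == "__main__":
    for name, finding in audit(SERVERS, NOW):
        print(name, "->", finding)
```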
Connectors
When you are configuring an agent, at the “integration flows” tab, you can click into the mapping properties and the proper properties will be displayed to update.
Incremental update in the SQL connector to detect table changes made outside of Soffid.
Performance improvements when a lot of connectors are in use.
Soffid features help enable enterprises to meet multiple business needs, taking ease of use and cost efficiency into consideration. This is in addition to providing enterprises with the ability to reduce administrative burdens and deliver more frictionless user experiences. As the market for identity security evolves and enterprises continue to demand cutting-edge products, Soffid is committed to making industry-leading enhancements without sacrificing the user experience.
Explore to learn more about our products and solutions, the broadening role of identity in IT and product development, and how Soffid can power your business.
by Rebeca | Jan 26, 2022 | cybersecurity, soffid
Recently, there has been a staggering rise in cybersecurity threats. This is primarily due to the coronavirus pandemic. Increased geopolitical tensions, and cloud and IoT adoption have made companies vulnerable to more frequent and damaging cyber-attacks creating a greater need for security infrastructure and talent.
It is fair to say that convergence can be good for vendors but challenging for users. For many organizations, the prospect of any software platform conversion means more costs, more and possibly different licenses, and added usage. Also, product convergence eliminates competition, potentially leading to higher prices and fewer choices.
Today’s organizations need a cloud-based platform that supports centralized management of remote, mobile, and access to the data center or cloud, and:
- Unifies access policies for on-premise and cloud deployments
- Addresses the nuances of enterprise mobile security
- Reports on the health of all appliances and devices
- Provides a mass-provision workspace for deploying patches and features
Other challenges these organizations face include:
- Error-prone access management.
Managing access security appliances on a box-by-box basis is time-consuming for resource-strapped IT teams – and it’s an approach that is prone to error.
- Disparate point solutions.
Separate solutions for remote, local, and mobile enterprise access increase equipment expenditures, operational overhead, and compliance complexity.
- Burdensome bulk operations.
Without centralized management capabilities, IT teams can’t easily perform firmware updates and policy changes across the enterprise, or replicate configuration and policies from one appliance to many.
Identity
Identity started with a focus on humans. Thus, identity is something that can describe a person with a consistent set of details/attributes. But in the era of digital transformation, it is not limited to human identity only.
Conventional IAM architectures have relied primarily on the ability to authenticate user credentials to a directory store and grant fine-grained access to business applications based on statically assigned privileges, regardless of any inherent risk posed by a user.
This model no longer reflects an IT landscape in which a mobile workforce can use unmanaged smart devices from anywhere in the world to access sensitive data in cloud-hosted business applications.
A comprehensive identity platform allows for a common user experience across multiple applications and systems (both legacy and modern). In addition, it will enable consumers and distributed workforces to use the same authentication method to access applications and resources across different enterprises.
Soffid helps organizations increase the maturity of their program by protecting your company from breaches, thereby, aiding in productivity, competitiveness, and maintenance of regulatory framework.
by Rebeca | Jan 19, 2022 | News, soffid
Rising need for better data security and disaster recovery solutions and growing demand to improve workload performance are some key factors driving global hyper-converged infrastructure market revenue growth. Factors such as technological advancements in manufacturing techniques and rapid urbanization and industrialization are boosting market revenue growth. These factors, along with the latest trend for redevelopment and advanced flooring for aesthetic look and increasing adoption of automation across the globe, are driving technological market growth. In addition, government schemes and increasing investments to develop enhanced products are expected to open favorable growth opportunities going ahead.
Predictive analytics will drive new, emerging use cases around the next generation of digital applications. The technology will become more immersive and embedded, where predictive analytics capabilities will be blended seamlessly into the systems and applications with which we interact.
The Soffid engineering team worked to add and improve many features, to enhance the functionality and make Soffid ICM the most complete and competitive IAM & PAM solution in the market.
Features such as
- Web Single Sign On
- Network Discovery
- PAM Rules & Policies and
- The Sync server improvement
have been added or totally renewed to offer the end user the necessary ease, usability and efficiency and to reduce the deployment time frame.
Many organizations no longer possess the skills and resources in-house to effectively address the increasing complexity of identity and access management (IAM) challenges they are facing. As the IAM landscape continues to rapidly evolve, security and risk leaders must improve their approaches to identity proofing, develop stronger vendor management skills and mitigate the risks of an increasingly remote workforce.
Soffid proposes the Identity Convergence as the common meeting point of many different security disciplines.
Traditional approaches to IAM, which reflect an era when devices were centrally managed and business applications resided behind the enterprise firewall, are becoming increasingly anachronistic. In a post-COVID, post-perimeter world, identity has become the first line of defense. The inevitable result of this trend will be the convergence of identity and risk.
The market study, titled Global Converged Infrastructure Management Market 2022, has been compiled by industry experts and is based on a comprehensive analysis of the Converged Infrastructure Management Market in the world.
The in-depth analysis of the industrial chain supporting the Converged Infrastructure Management Market in the globe incorporates factual information about every aspect of the market such as details about the players operating in the Converged Infrastructure Management Market, the manufacturing chain, production capacity, sales volume, and the contribution to the global Converged Infrastructure Management Market in terms of revenue.
To efficiently and effectively draw the security perimeter, it makes more sense to have a single, holistic view of organizational identities where you can determine policy, view posture, enact compliance, and respond to risk. This was Soffid IAM’s vision when we started converging IAM and PAM.
If an entity can be discretely identified with an ID and has a consistent set of attributes, it is now an identity to be secured.
We’d love to hear from you. See how Soffid can help you stay ahead of the curve in a rapidly evolving digital world.