by Rebeca | Apr 21, 2021 | soffid
The rise in remote-work has accelerated the need for organizations to change how they do business. One of the biggest challenges they face is having visibility in securing the business without compromising workforce productivity and user experience. They also face regulatory compliance pressures, with 66% of organizations expecting to spend more in this area.
IGA is the branch of identity and access management that deals with making appropriate access decisions. It allows your company to embrace the benefits of hyper-connectivity while ensuring that only the right people have access to the right things at the right times. When it’s done right, IGA makes security easier and gives you valuable insights about employee activity and needs.
The digital workplace brings constant change, innovation, and technology updates. In this new work environment, employees must be agile and innovative to meet customer expectations for a superior experience, and organizations must empower employees to make the right decisions and find new business opportunities.
The challenge for organizations is to attract and retain the right people with the right skills for the digital workplace—and give them the right digital tools to boost their productivity.
The benefits of moving to a digital workplace far outweigh the costs. These benefits include attracting the best talent; increasing employee productivity, satisfaction, and retention; and using cutting-edge communications tools. For the organization, the digital workplace breaks down silos and other barriers to employee productivity. At the same time, digital transformation brings more significant information security challenges, such as increased vulnerabilities that attackers can exploit.
The right identity governance and administration (IGA) solution can help an organization implement a zero-trust framework to enable the digital workplace. IGA bolsters the zero-trust security model by managing access based on profiles of users, devices, and services. It provides visibility into user identity and privileges, and it controls access to apps and data, thereby minimizing damage from attacks.
IGA also provides visibility into cloud-based applications. An IGA solution can automate provisioning and deprovisioning for the joiner, mover, and leaver scenarios. The joiner scenario is when the employee is first recruited, the mover is when the employee moves to another position within the company, and the leaver is when the employee leaves the company. By automating the process for each scenario, organizations can avoid mistakes often caused by manual processes. These mistakes can lead to additional costs as well as security breaches.
IGA also provides a role-based access policy. The access granted is based on the role that the employee performs in the organization. He or she is only allowed the access required by that role. When the employee changes roles, the access changes accordingly.
Do you need help with digital access management in your company? we can help you
by Rebeca | Apr 14, 2021 | soffid
The CISO is a leadership position responsible for: Establishing the right security and governance practices, Enabling a framework for risk-free and scalable business operations in the challenging business landscape,… The position of a Chief Information Security Officer (CISO) can take a variety of job tasks and responsibilities depending on the size, hierarchy, industry vertical and compliance regulations applicable to the organization.
In 2020, a world inexorably going digital was sped up by COVID-19, necessitating businesses to enable remote workforces overnight, without planning or preparation. This change required chief information security officers (CISOs) to ensure digital security on the go, simultaneously reckoning with new and emerging threats, while ensuring business continuity in a workplace that now featured a multiplicity of systems, networks, devices, programs, processes and overflowing information.
With the rise of digital transformation initiatives in 2020, a Chief Information Security Officer’s (CISO) already stressful work environment has become even more complex. A post-pandemic world has spawned other challenges for security professionals with the rise of remote work—like making sure data remained secure in an environment that wasn’t constantly monitored, Zoom hacks, secure API integrations, and dozens of other issues. CISO’s are facing more scrutiny about security posture from the Board of Directors than ever.
CISO’s needed to be on the top of their game—because, in addition to those high-risk challenges, countless businesses found themselves fast-forwarding their digital transformation initiatives to adapt to the new normal. 2020 has been coined as the year of the great accelerator because initiatives that had been put on hold were now suddenly necessary to support remote work. With the lack of in-person face time, combined with security risks, many businesses were playing catch up as threat models and control points changed, and they seemed always to find themselves one step behind.
Get here more information about A CISO’s 2021 Cybersecurity Wishlist
We can help CISOs to make their work easier. Soffid 3 provides the most intuitive and user-friendly interface, making the transition smooth and convenient. Proceedings are more flexible, so that you will have more committed users. Shall we talk?
Sources:
(1) cio.com
(2) searchsecurity
(more…)
by Rebeca | Apr 7, 2021 | soffid
No one wants a security breach to happen, but the media will be sure to pick it up when it does. By then, it is too late. Millions of dollars in fines or ransom notes later, and with a tarnished marketplace reputation, the company or government agency wishes they had paid more attention to their security protocols.
One way to achieve higher security is to instill a proper Privileged Access Management (PAM) initiative into the cybersecurity workflow. PAM is the process of determining who has access to what types of information as it creates an integrated view of risk, threats, and controls. PAM incorporates all-encompassing methodologies for how to use identities securely, how to enable logging and auditing for privileged identities for the quickest cyberattack response, and how to define what is privilege and what is not for an organization. In other words, PAM refers to a multi-dimensional cybersecurity strategy involving processes, technology, and people that aims to secure and monitor both human and non-human (machine)-privileged activities and identities throughout an organization’s IT landscape. For it to be successful, any such system has to be a part of the entity’s culture.
Privileged Access Management (PAM) helps organisations provide secure access to critical applications and data by addressing the very first security layer – the passwords.
Why is this important?
For hackers getting access to Admin or super user passwords is like hitting the goldmine – instant access to an organisations most critical assets and potentially right across the network
Key benefits
There are many benefits of a robust PAM system. Its effectiveness is enhanced with the knowledge of how to determine risk tiers, how guidelines are established, and best practices for implementing procedures, including how to overcome team-level resistance. Not having a protective system is imprudent. PAM providers offer various methods that achieve comparable results and benefits.
- It sets up the equivalent of a barrier wall to guard against attacks.
- It helps mitigate risk by ensuring compliance and confirmation with integrity.
- It improves IT efficiency for application teams by increasing efficiency and enabling seamless user workflows.
- It integrates with other tools to further enhance the organization’s cyber maturity as it creates more layers of security.
- It acts as a centralized system with clean dashboards, reports on systems in place, and an AI-assisted subsystem to provide safety based on user profile and risk factors.
Tools
Key features include a layering of sound, proven security protocols atop hardware, software, technology assists, and culture shifts.
- One key protocol is granting the least privilege possible while still getting the job done.
- Storing multiple-use passwords is dangerous.
- Leveraging AI decreases team member “slips” through automated monitoring, reporting to dashboards and real time alerts that are also used in many industries’ audits.
- Training must include accountability and responsibility, even using screen-recording capabilities to train entry-level resources and monitor third party vendor access to protect the organization.
Sometimes losing a customer or a breach itself will be the catalyst for establishing new and better guidelines. Ideally, a report showing minor violations ahead of a problem would trigger a new guideline. Sometimes the Chief Information Security Officer (CISO) needs an inventory in the form of a “gap” analysis of where the company is versus where it would like to be protection-wise. From there, guidelines and levels of access can be created, tightened and enforced.
Determining appropriate levels of access across the enterprise might seem numbingly painful and time consuming. However, access identifiers must travel the full length and breadth of the organization and are a critical preemptive measure against cyberattacks. Sometimes the step is rushed in the attempt to do something — anything, to stop attackers. Industry PAM suppliers such as CyberArk, Centrify, and Thycotic offer company-specific combinations of determining appropriate privileged access levels that start at the tippy top of the IT system (the CISO or CIO for example) and rain down across and through workstations within or among network domains. The contradiction of job title against access point challenges all systems. Cyber attackers have infiltrated structures as large as Yahoo and the U.S. Office of Personnel Management by finding and exploiting privileged credentials. The exact level of access comes down to adhering to a few generally accepted best practices.
Start by answering the questions below to build a tight, impenetrable system:
- Who has access to critical infrastructure, systems, and data? Build access levels from the ground up and top down. Study automatically updated reports daily. A reputable PAM cloud or on-premise solution can inform this step.
- Does the company use the tools/solutions they have efficiently? Are they making time to have meetings, train the troops, and enforce the protocols in place? How mature are users’ knowledge base and how recent are the tools? Is everyone on board to secure the company’s digital assets?
- Is there an adequate budget for purchasing recognized Privileged Access Management software and the support that comes with it?
- How do external audit findings reflect compliance? Examples are General Data Protection Regulation (GDPR) for the EU and Network Information Service (NIS) in the U.S. Are failures quickly fixed?
- Is management at all levels supporting or thwarting safety measures? Getting the job done is not as important as getting the job done safely.
There are many challenges to maintaining a safe yet productive and efficient IT environment. Surprisingly, one of the most challenging roadblocks with Privileged Access Management systems is not making the financial investment to purchase them. The greater challenge is often overcoming employees’ general resistance to change and “adding one more thing” to complete their day-to-day activities. Whether for budgetary, personnel, or other reasons, this resistance puts the company at risk. Meanwhile, as user-friendly and feature-rich as the best PAM systems are, the ultimate test is micro-managing all the way down to the customer-facing employees. These are the bastions of protection against internal (unfortunately) and external marauder/cyber attackers chipping against the walls of the IT fortress. Stretched team managers do their best to hold their team members accountable, but they cannot afford to fire their noncompliant employees. The work must be done, so the task often becomes one of negotiating with an employee. “Here are ten things we need you to do. Do two now, and we’ll work on the next ones in coming weeks.”
But coming weeks may bring newer protocols. The task is ongoing, because next week may require more and different responses and procedures depending on the attackers’ targets, be it Big Data, the Cloud, DevOps, Databases, the Infrastructure, or Network Devices. Last month’s Multi-Factor Authentication (MFA) might need strengthening. As quickly as the Bad Guys change their strategies, the technologies to keep them out must change apace.
Sources:
(1) Security Magazine
(2) Security Intelligence
by Rebeca | Mar 31, 2021 | Resources, soffid
The COVID-19 pandemic has brought about drastic changes at a social level that would have been difficult to imagine a few weeks or months ago. The situation of confinement in which many countries find themselves, with most of the population unable to leave their homes, is something we were not prepared for and have had to quickly get used to.
Something similar has happened at the work and business level, however, the work does not stop: hospitals, logistics companies, medical material production services, etc. must continue working, and for the rest of the non-critical services in this situation, remote work or teleworking has been imposed at a fast pace.
Normally, establishing new architectures, information systems, tools, etc. is something that takes time, especially in large companies. In this case, many CIOs have been forced to implement remote architectures and work processes in record time.
Many corporate systems are not designed to work from home. Perhaps they are, since in most companies teleworking has been carried out more or less extensively: users take their work home, on weekends, etc. to carry out certain urgent tasks. The difference is that now telework has had to be implemented throughout the organization without exception.
The teleworking scenario represents a new way of doing business for organisations that had not previously implemented this system. This entails the emergence of new risks and threats in terms of personal data protection, as employees are working with different means and resources than usual.
Never in history has so much traffic and so much critical corporate data had to be managed from home. In many cases we are seeing how communication lines, VPN systems, etc. were not prepared for so many volumes of data.
Although in the first phase of the implementation of teleworking, agility and the possibility of giving remote access to the systems has been a priority, the CISOs have also had to establish procedures and tools to work safely.
Now more than ever we are seeing how it is not enough to protect the perimeter of the company. With information scattered in multiple locations, in the cloud, at employees’ homes, etc. it is now more critical than ever to have security that travels with the information.
Cloud storage applications such as Box, OneDrive, G-Drive, collaborative work applications such as Slack or Microsoft Teams, video conferencing tools such as Zoom or GoToMeeting allow critical work to continue and we can all enjoy certain services that are indispensable in this crisis, while on the other hand allow us to do our job.
Customers expect their suppliers to continue to maintain a high standard of security when processing their data, blocking possible threats and keeping them safe from possible security breaches.
One thing that is striking is that in crises, security or cyber security risks increase. The bad guys see a unique opportunity to act on the misdirection, chaos, and take advantage of it. A few weeks ago we watched in the press in astonishment as even hospitals were hit by cyber attacks in the middle of the covid crisis. In fact, unfortunately, phishing attacks have increased these days.
Soffid is providing the same user experience and securing the organisations data. Users can identify using their corporate passwords, they can change the passwords when the policy says that the password has been expired, they can recover the password when they have been forgotten they have all the end users user experience is expected to have without exposing the active directory. And on the other hand, the helpdesk team can track sessions, can label and configure the user’s desktop through scripting, through any other tool they are using with active directory and at the same time the administrator, the global administrators can connect any application they have, including active directory, sap or legacy applications with Soffid, so administrator can get a secure and reliable platform, but, at the same time, the end users are having the experience they are expecting to have.
by Rebeca | Mar 24, 2021 | Definitions, Resources, Single Sign On
As enterprises adopt cloud applications, users are plagued with password fatigue–the never-ending burden of creating and maintaining separate identities and passwords for the multiple cloud and web apps they need to access on a daily basis. Adding to the frustration and downtime, when accessing certain resources, users are also required to validate their identities with strong multi-factor authentication, slowing down the access journey even further.
To offer the most frictionless experience possible without sacrificing security, organizations can leverage cloud single sign-on (cloud SSO) combined with contextual information and step-up authentication. This lets users access all their cloud and web applications with a single identity and password, and lets IT require stronger access security only in high risk situations. In fact, cloud access management solutions have emerged, providing organizations with the ability to set flexible access policies that include:
- Single Sign On
- Granular access policies
- Context-based Authentication
- Session management
Cloud single sign-on enables users to access all their cloud and web applications using a single identity–a single username and password set. So instead of maintaining 10 or 20 passwords, users can maintain just one! Cloud SSO removes the need to re-authenticate separately to each cloud application, allowing users to easily move from one cloud app to another.
That said, cloud security is still inherently complex, so we would breakdown some simple steps to leverage the cloud safely and securely.
Multifactor Authentication
Multifactor authentication (MFA) is one of the most concrete guards against cloud-based security risks and, where supported by the cloud application provider, should be implemented immediately. While MFA is not a new technology, the simplicity and ubiquity of smartphones has made MFA a seamless extension of the user access protocol. Long gone are the days where a user has to carry a randomizing FOB that must be replaced, has battery challenges and requires server-side management to keep up to date and integrated with the company account management policy. Today, anyone with a smartphone has the MFA client and basically ready to comply with a fundamentally sound security and cloud access policy.
Ensure Internal Systems Management
Large cloud providers invest extraordinary resources to protect themselves and their clients from cybercriminals. The reality is that cyberattackers are not going to attack the most hardened resources when they are clearly aware that the easiest path of entry is through the small- to mid-size business. Consequently, it is just important that you are keeping a close watch on internal technology systems and controls as that is most likely the least secure point of entry on your way to the cloud. In addition, many cloud implementations still incorporate private VPNs to allow direct and controlled network access, so the importance of the following basic systems management disciplines are critical:
- 100 percent internal device management
- 100 percent patch management (PCs, servers, network devices, etc.)
- Storage management
- Network access control
- Managed security
- SIEM tool
- Web filtering
- DNS filtering
While this may seem like a daunting list of items, chances are you have some form of these for cloud security either in a managed services relationship or internal tool set you already own. The key is discipline in management and metrics/reporting of either the provider, or the internal IT team.
End Users
The velocity of technological change combined with the evolution of threat vectors simply forces us to train our users to keep a keen eye out for anomalies, particularly when dealing with external or cloud systems. User training is a simple, reasonably cost-effective way to breakdown and educate our workforce on modern security risks. While none of these items are silver bullets for eliminating cloud computing risk, they take large strides in mitigating the risk associated with the cloud. The cloud offers a wealth of benefits and when delivered and used appropriately, can offer the same or better security protections than a local computing environment. However, there are appropriate safeguards and measures that should be adopted and followed for security, such as a training PROCESS, to ensure ongoing security compliance with cloud-based delivery of technology.
(1) Security Boulevard
(2) Helpnetsecurity
