Combatting the growing identity crisis.
Global, digital, mobile and cloud-based - the security perimeter of every business now extends far beyond the traditional network. Forward-thinking business leaders are challenging their approach to security and realigning it for the digital age. Today, identity is the logical place to start, as it's the single point of control across mobile devices, cloud-based applications and other resources outside the management of the corporate network.
Of course, cybercriminals have been quick to capitalise on this. Identity breaches through stolen passwords, phishing and the compromising of users are now the biggest cybersecurity threat facing business. A compromised user identity can easily open doors to an organisation.
The problem with passwords
Perhaps surprisingly, the humble username/password combination still dominates many aspects of modern security, making it an attractive target for hackers. From automated password cracking through to social engineering tactics where people are tricked into sharing their credentials, stealing identity can be a highly lucrative business for cybercriminals.
With 81% of hacking breaches leveraging stolen and/or weak passwords*, it’s easy to see why. The average person has numerous account logins to remember, and the sheer volume commonly leads to password recycling. So potentially, if an attacker steals the password for an unrelated account, they can unlock other accounts and gain access to your precious corporate data.
The art of authentication
Striking the right balance between security and usability can be quite a quandary. Making authentication too difficult has the potential to damage productivity. Or worse still, it could expose the business to ‘Shadow IT’, as employees seek ways to work more easily beyond your approved systems and infrastructure.
A combination of authentication factors can be used to improve security. From passwords, PINs and biometrics (such as fingerprints, iris scans, voice and face recognition) to real-time metadata analysis (device recognition, geo-location and behavioural analysis), these can work together to minimise the impact of stolen credentials. Each of these techniques has a different impact on the user, so getting the right balance is key.
The pathway to password-less
Moreover, advances in technology mean that ‘going password-less’ is becoming a reality for some businesses – totally eradicating the risk that passwords can present. Next-generation authentication services such as Windows Hello and other authentication components including Touch ID or Apple’s Face ID profess to be a more secure alternative to passwords because they rely on technology that is harder to compromise. Security meets convenience, leading to a more engaged and productive workforce.
Trust no one
Taking enterprise security one step further, many businesses are adopting a ‘zero trust’ approach. As the name would suggest, zero trust means that no person or device is trusted by default, whether inside or outside of the network. With this approach, the security posture of a user is assessed based on device, location and behaviour to verify that the user is not an imposter. By using conditional, just-in-time access to grant users enough privilege to perform their required tasks, but nothing more, security is maximised.
Business without borders
Today, with identity breaches soaring and security perimeters widening around the globe, placing identity at the heart of your security strategy puts you in a stronger position to protect your business. By working smarter and focusing on the real risks, businesses can both improve security and enhance the user experience of an increasingly mobile workforce.
Bistech has an impeccable record of quality and security, and is certified to ISO 9001 for Quality Management, ISO 27001 for Information Management and BS 10012 for Data Protection. Call us on 03330 11 22 55 for an independent and no obligation chat about your security strategy.
*Verizon's 2017 Data Breach Investigations Report