Business is evolving in the face of two opposing technology trends: the transformative power of the cloud and the mounting cost of cybercrime. Living at the intersection of these new business realities are billions of people, putting pressure on businesses to ensure that employee and customer identities are protected.
We see new data and identity thefts in the news on a weekly basis. More than three billion customer data records were lost to high-profile attacks in 2016 alone, with more than 60 percent of all data loss traced back to compromised identities.
Establishing trusted identities is how a web-based economy functions – and criminals know it. The good news is that businesses have more identity management and security tools at their fingertips than ever before. The challenge is knowing where to start.
Employees define the corporate perimeter
Until recently, preventing unauthorised access to data meant establishing a firm perimeter of defense and applying unique authentication and access control policies to every website, app or service on a network. This often led to increased support calls, decreased productivity and insecure work-arounds such as carrying sensitive information on thumb drives.
Today’s identity protection strategies start by recognising that employees now define the corporate perimeter, and people are still the weakest link in a network. Just as the people around us engage with and trust us on sight in the physical world, our online identities are presented and verified hundreds of times each day as we navigate documents, apps, websites and the countless other ways we use technology to retrieve data.
To protect that data, you must enforce policies that follow each individual identity as it moves throughout the network requesting data. Recognising that corporate perimeters are defined by individuals, who are themselves the targets of increasingly sophisticated attacks and social engineering, has created a new security mindset that puts even more focus on internal threat detection.
Adopting an “assume breach” mindset
In cybercrime, patience is rewarded. Attackers typically lurk on a victim’s network for more than 140 days before they are detected. Acquiring someone’s credentials and using them to gradually elevate permissions has become the most effective means of reaching lucrative company data.
Assuming you’ve already been breached forces you to be vigilant about monitoring patterns on your network. You can then use the power of machine learning and behavioural analytics-based tools to quickly identify threats and anomalies before they culminate in more damaging attacks. Many of those capabilities may even be built into the same solutions used to manage and verify identities so that criminals cannot access the network in the first place.
Improving identity management and staying out of the headlines
Using risk-based conditional access to improve identity management is quickly becoming standard procedure as we work on finding new ways of reducing the burden on the user.
Thanks to biometric features like Windows Hello, for example, you don’t even need to enter a password anymore to enjoy the increased protection of multi-factor authentication. Smart local authentication, combined with an intelligent access management solution, lets IT embrace the reality of users defining corporate boundaries by defining secure conditional access criteria based on things like location, app and device compliance, or even an aggregate risk score.
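As an added illustration (not code from the original post or from any Microsoft product), the sketch below combines the criteria named above, location, app, device compliance and an aggregate risk score, into an allow / require-MFA / block decision. Every name, weight and threshold in it is an assumption chosen for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed policy inputs, constructed for this example only.
TRUSTED_COUNTRIES = {"GB", "IE"}      # where the business normally signs in from
SENSITIVE_APPS = {"payroll", "crm"}   # apps holding regulated or customer data
MFA_THRESHOLD, BLOCK_THRESHOLD = 30, 70

@dataclass
class SignIn:
    user: str
    app: str
    country: Optional[str]            # None: location could not be resolved
    device_compliant: Optional[bool]  # None: device unknown to management
    user_risk: int                    # 0-100, e.g. from a leaked-credential feed (assumed)

def risk_score(s: SignIn) -> int:
    """Aggregate the individual signals into one score from 0 to 100."""
    score = s.user_risk
    if s.country not in TRUSTED_COUNTRIES:   # a missing location counts as untrusted
        score += 30
    if s.device_compliant is not True:       # an unknown device counts as non-compliant
        score += 30
    if s.app in SENSITIVE_APPS:
        score += 10
    return min(score, 100)

def decide(s: SignIn) -> str:
    """Return 'allow', 'mfa' or 'block' for a single sign-in attempt."""
    # Hard rule: sensitive data never reaches a device that is not known-compliant,
    # whatever the score says and even if the user could pass MFA.
    if s.app in SENSITIVE_APPS and s.device_compliant is not True:
        return "block"
    score = risk_score(s)
    if score >= BLOCK_THRESHOLD:
        return "block"
    if score >= MFA_THRESHOLD:
        return "mfa"
    return "allow"

if __name__ == "__main__":
    attempts = [                                  # constructed sample sign-ins
        SignIn("alice", "mail", "GB", True, 10),
        SignIn("alice", "mail", "BR", True, 10),
        SignIn("bob", "payroll", "GB", False, 0),
        SignIn("carol", "mail", None, None, 20),
    ]
    for a in attempts:
        print(a.user, a.app, risk_score(a), decide(a))
```

Missing signals are treated as untrusted, so a sign-in that arrives without a resolvable location or a managed device fails closed instead of slipping through as low risk.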
Creating more transformative user experiences and increasing employee productivity does not have to introduce risk. Businesses can go a long way toward staying out of the headlines by recognising that their employees define the corporate perimeter, adopting an “assume breach” mindset, and making use of multi-factor authentication access policies.
(From Microsoft blog).