On the heels of Thoma Bravo’s news that it has acquired its third identity company this year, ForgeRock, security experts have said identity management should be a key area of focus for organizations, especially those with customer-facing or externally facing apps and websites.
Identities and user accounts are among the prime vectors for cyberattacks, especially for ransomware, in the workplace, according to Jack Poller, a senior analyst at ESG Global, an IT analyst, research, validation, and strategy firm.
“Securing an organization’s identities with strong, phishing-resistant authentication such as multifactor authentication (MFA) or password-less authentication methods can prevent account takeover and other identity-related attacks and reduce the attack surface,” Poller told VentureBeat.
Yet only 17% of CISOs are optimizing identity, even though they believe it is a cyber capability they need to advance, according to a PwC report. Data breaches reached an all-time high of 1,862 in 2021, according to the Identity Theft Resource Center (ITRC), a 68% increase over 2020, with no signs of slowing.
Shrinking the attack surface
Identity management of users and devices is key for CISOs to manage the risks associated with unauthorized access to sensitive data and systems, according to Kayne McGladrey, IEEE senior member.
“From a control operations standpoint, the two most important capabilities are the ability to validate a user’s behavior when it deviates from the norm, and the ability to quickly de-provision access when it is no longer needed,” McGladrey told VentureBeat.
For example, if a user regularly logs in from Washington State using their Windows-powered computer to access a single program, there’s little reason to prompt them for a second authentication factor, he said.
“But when the device changes, perhaps a new Mac computer that’s not configured correctly, or their location suddenly changes to Australia, they should be prompted for multifactor authentication as part of identity validation before being allowed to access those data,” McGladrey said.
When a user leaves an organization, their identity access should be rapidly revoked across all platforms and devices. Otherwise, organizations run the risk of a threat actor using the older access and credentials, McGladrey added.
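The two controls described above, step-up authentication when a sign-in deviates from the norm and denial once access is de-provisioned, as an added Python example that is not from the article or anyone quoted in it. It assumes a hypothetical per-user baseline of previously verified regions, device operating systems and applications; every name and the sample data are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Baseline:
    # Contexts previously seen and verified for this user (hypothetical model).
    regions: set = field(default_factory=set)
    device_os: set = field(default_factory=set)
    apps: set = field(default_factory=set)
    active: bool = True  # flipped to False at offboarding

@dataclass(frozen=True)
class Login:
    user: str
    region: str
    device_os: str
    device_compliant: bool
    app: str

def decide(login, baselines):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    base = baselines.get(login.user)
    if base is None or not base.active:
        return "deny", ["account unknown or de-provisioned"]
    reasons = []
    if login.region not in base.regions:
        reasons.append("new location: " + login.region)
    if login.device_os not in base.device_os:
        reasons.append("new device type: " + login.device_os)
    if not login.device_compliant:
        reasons.append("device not configured to policy")
    if login.app not in base.apps:
        reasons.append("new application: " + login.app)
    return ("step_up" if reasons else "allow"), reasons

def record_verified(login, baselines):
    """Call only after MFA succeeded: the verified context joins the norm."""
    base = baselines[login.user]
    base.regions.add(login.region)
    base.device_os.add(login.device_os)
    base.apps.add(login.app)

def deprovision(user, baselines):
    """Offboarding: every later login for this identity is denied."""
    if user in baselines:
        baselines[user].active = False

# Constructed sample data mirroring the scenario in the text.
BASELINES = {"alice": Baseline({"US-WA"}, {"Windows"}, {"payroll"})}
USUAL = Login("alice", "US-WA", "Windows", True, "payroll")
ODD = Login("alice", "AU", "macOS", False, "payroll")
```

A misconfigured device keeps triggering step-up even after its location and operating system have been verified, because compliance is checked on every sign-in rather than learned.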
CISOs can further secure identities by applying the principle of least privilege access, which ensures that a worker has access only to the information …