Due to the rapid spread of COVID-19 organizations across the world are taking the necessary safety precautions sending employees home to work remotely to curb the virus from spreading. Yet with a large number of employees working outside the traditional office-based security perimeter, many companies are faced with a new threat as this safety precaution may also open the door to attackers, posing brand-new security challenges, increasing risk of insider threats, and putting further pressure on IT and the infrastructure.
The threat of coronavirus continues to spread globally and while social distancing is believed to be a way to better control this new virus the consequence of businesses sending employees home to work remotely are imposing new security challenges.
The massive shift organizations have rushed to put in place throughout the business, exposes a lot of organizations to security threats given the challenges of enabling remote working. Systems are often decentralized, which creates an open environment where data is even more difficult to protect. With many applications additionally being moved to the cloud, and with this increase in remote workspaces, the overall security and compliance posture for organizations is challenged.
For cybercriminals the many new remote workspaces have enlarged the possible attack surface and represents an attractive opportunity. As a result, the cybercriminals are ramping up their tactics to take advantage of those who may have inadequate or naive security postures.
Identity Becomes the Perimeter
Working from home is not a new situation. Many enterprises provide this option to their employees. However, this large sudden move from people working within enterprise networks that are closely monitored and secured, to a largely unmonitored and often unsecure Wi-Fi network at home, provides a new great opportunity for cybercriminals. With most of the users no longer being inside but outside the reach of perimeter-based security tools, companies are very likely to have higher exposure to network and phishing attacks and that makes identity management the new perimeter.
Identity governance becomes critical in the security infrastructure. Not only because of the increased number of remote employees, but also for governance of external identities as most organizations also have multiple temporary employees, contractors, and business partners who need access to the systems. These employees and insiders are non-static especially in times like this, moving across the organization. Some organizations experience an extensive growth in employees joining, some move departments frequently like in healthcare, and other organizations must temporarily lay off people because of the current circumstances.
This non-static journey across the organization means organizations must continually govern the employee identity, at all times having an on-demand overview of the identities’ access to the systems and applications, keeping any loopholes closed off.
Get the Overview, Keep the Overview
In a time like this, companies particularly need to have the necessary processes and technologies in place that limit access to business-critical information and sensitive data to detect and prevent potential cybersecurity threats from happening. Organizations need to ensure they are not left wide open to an attack, whether it is caused by an internal or external security breach.
This is where identity governance comes into the picture. Identity governance allows an organization to automate access control processes, to strengthen its security, efficiency, and compliance. Having an identity governance solution in place with all identities in a centralized repository allows you to be in control of the access rights granted to each identity. Granting access based on roles and functions will vastly reduce the risk of spillover, should a user encounter a malicious attack.
To enable employees to work efficiently from their home office they must have the access they need at the time they need it to do their job. An identity governance solution provides automated approval flows and provisioning/de-provisioning of access rights, enabling users to request and obtain access directly from the solution, and access will be granted immediately upon approval. In this way, even if a user is required to handle tasks or work in a project only on a temporary basis, the manager can simply grant sufficient access to perform the job, and just as easily remove the access when it is no longer needed. This allows a company to operate at full speed, even when enforcing ‘least privilege’ principles when assigning access rights.
Identity governance supports efficient removal of unused and unnecessary access from users, who no longer work in a given position or has left the company, just as external contractors’ access can quickly and easily be revoked from any system as soon as their contract expires and their services are no longer required. Stale user accounts and unused system accounts are a frequent target for hackers, so the sooner the unused accounts can be disabled, the better the security.
A key element of identity governance is to continuously ensure that access control is maintained and updated according to business policies. The governance controls monitor the access rights of the employees joining, leaving or changing roles in the organization, matched up against access rules and policies to generate a detailed access rights overview highlighting any discrepancies or violations. The combination of automated workflows for access control and enforcement of policies, means the organization at all times has an in-depth overview of access to the systems and applications in the organization and can thereby keep loopholes closed off. Being able to document an overview of who has access to which system is also an important part of being GDPR compliant, where access to privacy data must be limited to employees who need this access to perform their job.
Automated processes minimize the risk of security breaches and taking control of identities and privileges improves organizational resilience. Time and time again, security reports indicate that successful cyberattacks are the result of abuse of privileges. Managing and controlling access rights, including governance of privileged accounts, is therefore key in this “New Normal” and if this is not already being done, organizations should get started.
Identity and access management can help your organization get in control of the remote users and maintain access compliance. Find out much more about how you can bring your identity management and access governance to match your evolving business needs or get in touch with us to learn more about how we have helped organizations like yours.