13 Nov The Changing Face of IT Security
It used to be, and in many cases still is, that IT security was synonymous with firewalls and restricted access. Organisations would build a powerful firewall around their on-premises IT infrastructure, limit access to critical functions, and hope that the “bad guys” wouldn’t be able to find their way in.
What’s changing is that there is a massive migration to the cloud for a variety of very compelling reasons such as reduced capital expenditures, better scalability, JIT upgrades, and, believe it or not, improved security.
How can something in the cloud be more secure than something that’s on an organisation’s premises? Well, for starters, the vast majority of IT security breaches are caused by compromised identities, not brute force hacks or firewall intrusions.
Identities can be compromised when someone in the organisation falls victim to some sort of social engineering scheme such as phishing, where people are tricked into logging in to a bogus account or clicking on a corrupt link.
In these cases, it doesn’t matter if your IT system is on-prem or in the cloud. Once the hackers have access to someone’s account, they can go through that person’s contact list and files until they are able to gain access to more targeted information.
You could be tempted to pull all IT systems back behind a super powerful firewall in hopes of keeping the attackers at bay. But the people on your team will still be vulnerable to phishing and other social engineering activities.
And, if you pull everything back and try to restrict access and movement, you will be blocking, or at least greatly reducing, the ability of your colleagues and clients to collaborate and communicate.
That is one of the reasons that Microsoft has put identity at the front lines of security.
It’s become almost impossible to use the old “firewall” approach to security. Organisations today have to support multiple devices, both company-provided and personally owned. Employees need to access company-sanctioned apps and apps that aren’t on the company’s platform. Employees are increasingly mobile and often need to share information and collaborate in a secure manner from various locations.
So what’s the answer?
According to Microsoft, the answer is Identity Management. By using a system such as Azure Active Directory, organisations can easily set policies that grant access and permissions to the appropriate apps on appropriate devices at appropriate times and places.
Features such as Single Sign On (SSO), Self-Service Password Reset (SSPR), Multi-Factor Authentication (MFA) and Just-In-Time Permissions all help to facilitate access, sharing, collaboration, and admin in a manner that is secure and greatly reduces access time and support costs.
As an example, it’s estimated that between 30 and 50 percent of all IT help desk calls are related to lost, forgotten, or expired passwords. This can cost companies a significant amount of time and money (to see just how much, try the Password Reset Cost Calculator: http://www2.secureauth.com/Password_Calculator). However, by simply enabling SSPR, individuals can quickly reset their own passwords, thus saving time and money.
Another example would be a company or organisation that needs to provide its customers with access to a company portal. This could be a private business that has a large number of consumers who set up accounts on its system, or it could be a local or state government that needs to store information and process transactions for the local citizenry. By definition most, if not all, of the customers will be accessing these systems from outside of any existing firewall.
So, how can you make sure that their accounts are easily accessible and secure? You can utilise features such as SSO and MFA. With Azure Active Directory, Microsoft has made the features super simple to turn on and use.
And maybe that’s one of the key points in securing any system. If it’s simple, easy to use, and actually helps boost productivity, the likelihood of it being adopted is greatly increased.
By pushing the front lines of security to Identity Management, Microsoft is doing just that. It has developed a way to both enhance productivity and reduce the number of identities that are compromised. And, with the use of features such as SSPR, the savings in time and cost often more than offset the cost of the transition.
How does that sound to you?
Mark Shriner is Director of Business Development for adaQuest, a Microsoft Cybersecurity & Compliance partner with offices in Bellevue, Washington, Tokyo, and Sao Paulo.