Secure access top investment priority in wake of remote working
Investment in automation within access management key to dealing with access security
Financial services typically have well-established identity and access management (IAM) programs. However, outside of the financial sector, other industries are now shifting their cyber security focus and investment priorities towards IAM.
Ahead of the Secure Access Digital Summit, Gaurav Miglani, lead cyber security analyst (director) at Visa, spoke to Cyber Security Hub about IAM, the impact of Covid-19 on secure access and the problem with implicit access.
The Covid-19 pandemic has accelerated the need to automate IAM programs with more people working remotely and using multiple devices.
“Sometimes a user onboarding can take five to seven days. With Covid-19 and many people working remotely there is now the need to onboard people faster. To do this a company would need to automate the processes,” he explains.
This is where Miglani said companies need to invest in identity management tools in order to enhance the onboarding process.
The issue with implicit access
Explicit access is simple to understand – giving someone specific access to systems or applications based on their job role within an organization.
Miglani said a mature organization would likely have role-based access controls in place, which automate this access process.
However, according to Miglani, implicit access is becoming more of a concern today.
Implicit access can be given in a number of ways. One is implicit access on an application, where an organization does not assign an employee access but also does not deny them any access rights.
“What we have seen in big enterprises is where you have different methods to log into systems over time, implicit access becomes a problem. For example, I can give you access to system A, which is your role through role-based access, but there are other types of access between system A and system B so you get implicit access to system B. In small organizations often nobody is looking at it because you do not have automation to detect it,” Miglani says.
In addition, where there is a lot of employee movement and a lot of people are changing teams, they can be left with old permissions they do not necessarily still need. This goes against segregation of duty policies, Miglani says.
Typically, if organizations want to take a zero-trust approach to cyber security they must remove all implicit access or trust.
To overcome these implicit access issues, Miglani says companies need to have good join, move and leave (JML) processes in place.
“If you can automate [JML] that is best,” he adds. “With automation, for example, if a user is leaving there is a process to remove all access as soon as you know.”
He says that many companies today are moving to one-day service level agreements (SLAs).
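The two problems described in this section, access inherited through links between systems and permissions left over after a team move, can be detected with a simple audit. The following is an added example, not code from the interview or from Visa; it assumes trust between systems can be modeled as a directed graph, and every role, system and user name in it is constructed.

```python
from collections import deque

# Constructed sample data; all role, system and user names are hypothetical.
ROLE_GRANTS = {                      # explicit, role-based access
    "payments-analyst": {"system-a"},
    "hr-partner": {"hr-portal"},
}
TRUST = {                            # system X lets its users through to system Y
    "system-a": {"system-b"},
    "system-b": {"reporting-db"},
}
USERS = {
    # role = current role; held = entitlements actually present on the account
    "alice": {"role": "payments-analyst", "held": {"system-a"}},
    "bob": {"role": "hr-partner", "held": {"hr-portal", "system-a"}},  # moved teams
}

def reachable(start, trust):
    """Every system reachable from `start` by following trust links."""
    seen, queue = set(start), deque(start)
    while queue:
        for nxt in trust.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def audit(user, users=USERS, role_grants=ROLE_GRANTS, trust=TRUST):
    """Split a user's effective access into explicit, stale and implicit."""
    rec = users[user]
    explicit = role_grants.get(rec["role"], set())
    stale = rec["held"] - explicit                   # left over from a previous role
    implicit = reachable(rec["held"], trust) - rec["held"]  # never assigned, never denied
    return {"explicit": explicit & rec["held"], "stale": stale, "implicit": implicit}

def findings(users=USERS):
    """Users with anything to remediate, as sorted lists for stable reports."""
    out = {}
    for name in sorted(users):
        r = audit(name, users)
        if r["stale"] or r["implicit"]:
            out[name] = {k: sorted(r[k]) for k in ("stale", "implicit")}
    return out

if __name__ == "__main__":
    for name, f in findings().items():
        print(name, f)
```

Removing a stale entitlement also removes whatever implicit access was reachable only through it, so the audit is worth rerunning after each JML change.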
Top priorities
With secure access in mind, Miglani gave his thoughts on what any organization’s top priorities must be in terms of tools and solutions:
- Organizations should have a mature endpoint detection and response (EDR) system in place because of the growing number of devices. This is to ensure that those devices themselves are secure.
- Using a VPN to connect to an organization’s network. This ensures that all communication with company resources is encrypted through a dedicated channel or network.
- Multi-factor authentication, even for smaller companies, to reduce the risk of unauthorized access to things like emails and communications within an organization.
To find out more, register here for the Secure Access APAC 2022 Digital Summit.