When one thinks about home and family security, the first thought is to take up residence in a secure location—ideally, a guarded and gated community. The second is to carefully secure the perimeter of the house: the doors and windows—the points of ingress. Sensors are wired to each opening, cameras and motion detectors are aimed at carefully selected places, and monitoring is switched on. When it’s all plugged in and working, we are confident that our homes are safe. But we also must keep track of the residents of the home and ensure their cooperation with security measures. Who has a key? Or a garage-door opener? Do they routinely close and lock the windows? Because even the finest perimeter defenses are readily breached by the actions, intentional or not, of residents. What can happen when someone leaves a key under the doormat for an expected visitor? Or a garage door is mistakenly left open as the owner drives off to work?
In our gated-community example, the traditional defense focuses on securing entry and exit points, and it assumes residents will take no action to breach security. In the vast majority of cases, that approach will be just fine. But we in our houses are not continually subject to attackers seeking to trick or cajole us into one simple mistake, a mistake that will crack the most airtight security, exposing our homes to the depredations of criminals.
When cyber security measures focus entirely on the perimeter, the organization does nothing to mitigate its greatest risk: the workers whose actions can breach the most secure perimeter defense with a single, careless mouse click.
Secure Perimeters Require Secure Workers
An organization’s workers are its chief assets—the means by which value is delivered. But they’re also a massive liability in terms of cyber security. And new trends in the technology-enabled workforce are making things far worse.
Today’s IT organizations are expected to equip their workforces with the devices that make the most sense for the organization, while also satisfying the ever more demanding individual worker. Whether it’s supporting preferences for Mac and PC, providing immediate access to apps and services, or allowing workers to use their own mobile devices for work, the workspace has truly become digitized—and therefore more vulnerable compared with the days when each worker had his or her own locked-down desktop PC and worked exclusively from the office. But as IT continues to support mobile-work requirements, a whole slew of security-related IT issues are appearing, and the most serious threats to today’s security are stemming from the inside.
In a time of “do more with less,” IT departments are struggling to provide basic protections against malware, ransomware and spyware, and to secure firewalls to prevent outsider attacks. But is enough attention being paid to those they trust the most, their own workers?
This insider threat is no secret. A recent global study by Kensington entitled “Voice of IT” revealed that IT executives pegged the following as their biggest pain points when it comes to IT: human error, lack of process and workers not following established processes.
What can companies do to streamline IT processes and find solutions to insider threats? After all, within the “gated community” of organizational security, the user is the last line of defense.
A Gap Too Big to Span?
One of the biggest debates in recent years regarding the digital workspace is bridging the gap between worker enablement and security. It’s an old conundrum in IT: new technologies are constantly being layered into the infrastructure, but hardly anything is ever thrown away. The result is a hodgepodge of hybrid technologies seeking to solve the same problems. And this situation is far from invisible to workers, who are often required to shift from app to app, and from physical to virtual, in an awkward sequence of steps that has them longing for the relative simplicity of the consumer technologies they enjoy at home.
And IT security is perhaps the greatest culprit in the disruption of worker productivity. Is your organization overwhelming your workers with too many checkpoints to cross and too many updates to install? Are your existing security systems working together? And if so, are they working together seamlessly?
Organizations must create a safety net around their workers—the risks of cyber attack are too great to do otherwise—but they must do it in a way that doesn’t inhibit individual productivity, allowing workers to work when and where they choose, on the devices that are most productive for them. And all this must be accomplished with safety controls in place to prevent them from being the source, witting or otherwise, of security threats.
Yes, There Are Solutions
IT must be continually on the defensive, protecting workers and the infrastructure from easy-to-make yet potentially costly mistakes. And the good news is there are several decisive steps an organization can take that will secure the organizational community without unduly hampering workers.
Deploy automated, context-aware access control.
Automate the many processes and workflows that govern the access each worker has to apps, databases and services in his or her digital workspace. Technology is available now that will do the following:
- Govern what resources each person can access on the basis of his or her immediate working contexts (including the device, physical location and time of day)
- Automatically provision and deprovision those resources as needed on the basis of that working context
- Track that access by gathering the data necessary for guaranteed, easy audits
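The three capabilities listed above can be sketched as one policy evaluation. This is an added example, not code from the article or from any product; the resource names, device and location labels, and the policy layout are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time

@dataclass(frozen=True)
class Context:
    user: str
    device: str      # constructed labels, e.g. "managed-laptop"
    location: str    # e.g. "office", "remote"
    when: datetime

# Hypothetical policy: the context in which each resource may be provisioned.
POLICY = {
    "hr-database": {"devices": {"managed-laptop"},
                    "locations": {"office"},
                    "hours": (time(7, 0), time(19, 0))},
    "email": {"devices": {"managed-laptop", "personal-phone"},
              "locations": {"office", "remote"},
              "hours": (time(0, 0), time(23, 59, 59))},
}
AUDIT_LOG = []  # every decision is recorded, allowed or not

def decide(resource, ctx):
    """Evaluate one request, append an audit record and return it."""
    rule = POLICY.get(resource)
    failed = []
    if rule is None:
        failed.append("no policy for resource")  # default deny
    else:
        if ctx.device not in rule["devices"]:
            failed.append("device")
        if ctx.location not in rule["locations"]:
            failed.append("location")
        start, end = rule["hours"]
        if not start <= ctx.when.time() <= end:
            failed.append("time of day")
    record = {"ts": ctx.when.isoformat(), "user": ctx.user,
              "resource": resource, "allowed": not failed, "failed": failed}
    AUDIT_LOG.append(record)
    return record

def workspace(ctx):
    """Resources to provision for this context; the rest are deprovisioned."""
    return {name for name in POLICY if decide(name, ctx)["allowed"]}

if __name__ == "__main__":
    desk = Context("avery", "managed-laptop", "office", datetime(2024, 5, 6, 10, 0))
    late = Context("avery", "personal-phone", "remote", datetime(2024, 5, 6, 22, 30))
    print(workspace(desk), workspace(late))
    print(AUDIT_LOG[-2])
```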
Use low-maintenance whitelisting with automation.
Human behavior is your greatest security risk. And today’s cyber crooks are becoming increasingly creative in their attempts to exploit human inattention. Context-aware whitelisting and blacklisting can ensure that only permitted apps can be executed. The list of permitted apps can be governed by IT on the basis of what the business chooses to allow as well as each individual worker’s context at the moment access is attempted. Whitelisting adds a thick layer of protection by only allowing approved executables to be opened.
Although many organizations have some form of whitelisting in place, maintenance burdens can be high for traditional solutions. A new approach can not only use automation to better maintain the whitelist, but it can add user safeguards by automatically verifying unique file signatures. This strategy ensures that the files being executed are authentic and that workers aren’t being tricked into opening different, infected files.
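The difference between allowing a file by name and allowing it by what it contains is shown below, as an added example that is not from the article or any vendor. It assumes the "unique file signature" is a SHA-256 digest of the file's bytes; the file names and contents are constructed.

```python
import hashlib
import os
import tempfile

def sha256_of(path):
    """Digest of the file's bytes, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

class Allowlist:
    """Approves executables by content digest, never by name or path."""
    def __init__(self):
        self._approved = {}  # digest -> label chosen by IT

    def approve(self, path, label):
        self._approved[sha256_of(path)] = label

    def check(self, path):
        """Return (allowed, detail) for a file about to be executed."""
        digest = sha256_of(path)
        if digest in self._approved:
            return True, self._approved[digest]
        return False, "unapproved digest " + digest[:16]

def write_file(path, data):
    with open(path, "wb") as fh:
        fh.write(data)
    return path

def demo():
    """Constructed files: an approved build, a lookalike, and a renamed copy."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "downloads"))
        approved = write_file(os.path.join(root, "viewer.exe"), b"approved build 1.0")
        lookalike = write_file(os.path.join(root, "downloads", "viewer.exe"), b"different bytes")
        renamed = write_file(os.path.join(root, "invoice.exe"), b"approved build 1.0")
        allow = Allowlist()
        allow.approve(approved, "viewer 1.0")
        return [allow.check(p)[0] for p in (approved, lookalike, renamed)]

if __name__ == "__main__":
    print(demo())
```

The lookalike is refused even though its name matches an approved file, while the renamed copy of the approved build is allowed. Every legitimate update changes the digest, which is why keeping such a list current benefits from automation.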
Automate the onboarding and offboarding of workers.
More than 13% of workers can still access a previous employer’s systems using their old credentials. And there’s much more. In a study on rogue access, Intermedia found that 89% of ex-workers retain access to at least one app from a former employer. Some 49% actually logged into an account they were supposed to no longer have access to, and 45% retained access to confidential data.
Employees who leave pose perhaps the greatest risk to the organization. IT must tightly integrate deprovisioning processes into existing human-resource apps, project-management systems and other enterprise identity stores. Doing so allows worker access qualifications to be automatically managed and altered each time a worker’s identity status is changed in those systems. With a more holistic approach to identity life-cycle management, organizations can improve productivity, compliance and security—and prevent former employees from exposing the organization’s data and systems to extremely high risk.
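A reconciliation of this kind, comparing identity status in the HR system against the accounts each app still has enabled, can look like the following. It is an added example, not code from the article; the record layouts, employee IDs and logins are constructed.

```python
from datetime import date

# Constructed HR export and per-app account listings.
HR = [
    {"employee_id": "E100", "status": "active", "end_date": None},
    {"employee_id": "E101", "status": "terminated", "end_date": date(2024, 3, 1)},
    {"employee_id": "E102", "status": "terminated", "end_date": date(2024, 4, 15)},
]
ACCOUNTS = [
    {"app": "crm", "login": "asmith", "employee_id": "E100",
     "enabled": True, "last_login": date(2024, 5, 2)},
    {"app": "crm", "login": "bjones", "employee_id": "E101",
     "enabled": True, "last_login": date(2024, 2, 20)},
    {"app": "files", "login": "bjones", "employee_id": "E101",
     "enabled": False, "last_login": date(2024, 2, 27)},
    {"app": "files", "login": "clee", "employee_id": "E102",
     "enabled": True, "last_login": date(2024, 4, 30)},
    {"app": "wiki", "login": "svc-old", "employee_id": "E999",
     "enabled": True, "last_login": None},
]

def rogue_access(hr, accounts):
    """Return (app, login, finding) for enabled accounts that should be disabled."""
    by_id = {rec["employee_id"]: rec for rec in hr}
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already deprovisioned
        owner = by_id.get(acct["employee_id"])
        if owner is None:
            findings.append((acct["app"], acct["login"], "no HR record"))
        elif owner["status"] == "terminated":
            last = acct["last_login"]
            used = last is not None and last > owner["end_date"]
            findings.append((acct["app"], acct["login"],
                             "logged in after departure" if used else "retained access"))
    return findings

def accounts_to_disable(hr, accounts):
    """Group findings per app, ready to hand to a deprovisioning job."""
    plan = {}
    for app, login, _ in rogue_access(hr, accounts):
        plan.setdefault(app, []).append(login)
    return plan

if __name__ == "__main__":
    for finding in rogue_access(HR, ACCOUNTS):
        print(finding)
```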
Stamp out “shadow IT.”
Today’s workers are productive like never before, thanks to the incredible technology available through modern digital workspaces. But this productivity also breeds an “I need it right now” attitude towards new technologies. And if IT can’t provide it “right now”? Often the worker’s solution is just a login or credit card away, with ubiquitous cloud-based solutions studding the skies overhead.
The risks are great. IT must prevent employees from taking matters into their own hands to solve IT issues. But is shadow IT best prevented by hiring an army of alert IT professionals, available 24/7? Or is there an easier (and cheaper) solution? Yes! Through automation, IT can provide on-demand self-service access to the apps and services workers need as well as prevent workers from circumventing access rules. This approach can include password management, access to a new data drive or a request for a particular workspace app. The best way to prevent workers from going around procedures is to give them an instantaneous, trackable and reliable way to get what they need from IT. No hassles. No tickets. No violations.
Security should come naturally to an organization, but it will likely never become second nature to many of your workers. When we’re at home, we’re surrounded by a sense of security, no matter how real or illusory it is. Many of us don’t truly think about security unless our perimeter is breached. But IT can build a powerful security shroud around its systems, its data and its workers by using automation and self-service to simplify security processes, empowering workers to focus on their responsibilities without disruption and keeping the enterprise safe from intrusion.
To be sure, no security solution is perfect. But we owe it to our organizations and our fellow workers to do our very best.
- Article Source: DataCenterJournal.com