Securing the mobile workforce
Cybersecurity is not all about ensuring you have antivirus, firewalls and security updates installed on your systems. It’s about addressing a wide variety of threats such as deliberate attacks, internal breaches, and industrial espionage. It should extend past desktop computers and internal servers, writes Barry Scott, CTO, EMEA at Centrify. Regardless of where devices and applications reside, and who owns them, organisations need to ensure they have full control over those resources that are accessing and storing corporate data, to safeguard against these threats. The new office model is evolving, cloud computing, virtualisation, and the proliferation of mobile devices has left many businesses fraught with the task of managing the complexity and security of IT infrastructure. Proprietary data no longer sits within the office walls. In fact, it no longer resides within the remit of the corporate firewall. As we are faced with an increasingly hybrid infrastructure, and an influx in compliance regulations to boot, ensuring that corporate and sensitive data remains secure and is protected against insider and outsider threats, requires end- to- end visibility and control over users, applications, servers and devices. Today’s business environment is driving enterprises to find cost efficiency at every operational level. Outsourcing, offshoring and cloud computing are giving organisations agility and flexibility. With the increase in flexible working models, mobile workers, contractors and offshore personnel, IT departments are challenged with providing IT services across a much more disparate network, to an even broader cross section of workers that require these mobile devices and applications to drive their productivity.
94% of IT security professionals use third party applications on their mobile devices for work, with 82% using up to 10 apps
A recent survey, conducted by Centrify, found that 94% of IT security professionals use third party applications on their mobile devices for work, with 82% using up to 10 apps. This demonstrates how applications have become a crucial tool for employees whilst in the office and on the move, exemplifying the risks for organisations as these cloud- based or mobile apps create islands of identity that become harder for IT
to track and manage.
Preventing insider error
Whilst the Stuxnet Worm revealed the overwhelming threat of APTs and the futility of relying on existing security systems, the risks do not always come from the outside. It could be a simple download from an infected email or the connection of a virus- laden USB, these inadvertent compromises of the information infrastructure can all resort in a massive breach of security. Identity and access can often be overlooked, but unless enterprises can find a unified way to securely identify individuals, they risk their business coming under attack and facing a host of repercussions. Just as importantly, unified identity enables straightforward removal of access from applications and resources when an individual leaves the enterprise. Organisations must manage users’ digital identities and the corresponding roles and rights those identities have across mobile devices, servers and applications and ensure the business is protected, while remaining agile enough to respond to evolving business conditions.
In an increasingly regulated world, it is vital to be able to ensure accountability of actions back to an individual
It is very important to implement bestpractice security principles, such as leastaccess and least- privilege, to ensure that users only have access to, and privileges on, systems where they have a legitimate business need. Also, in an increasingly regulated world, it is vital to be able to ensure accountability of actions back to an individual. Being able to understand and manage who has access to what, where, and when, is crucial to enabling companies to manage access and identity across multiple platforms, from any device and location. Leveraging new technologies such as single sign- on ( SSO) provides the ability for a user to enter one username and password that enables them to logon to multiple applications within an enterprise and delivers the capacity to enforce authentication policies across the whole organisation. A single, unified architecture for sign- on can address these challenges, and businesses need to apply these same levels of security capability to those IT resources outside the office walls ~ as they do to those inside.
Barry Scott, CTO, EMEA at Centrify