| | FEBRUARY 20189CIOReviewThe good news is that businesses have more identity management and security tools at their fingertips than ever before. Until fairly recently, preventing unauthorized access to data meant locking down a perimeter firewall and applying unique authentication and access control policies to every website, app or service on a network. This often led to increased support calls, decreased productivity and insecure work-arounds, such as carrying sensitive information on thumb drives.Today, the tools available to secure a cloud first environment are both simpler and more effective against modern attacks. Strong policy-driven authentication systems backed by cloud intelligence and machine learning, rich device compliance solutions which ensure that when a device goes missing, the data on it remains safe, and document encryption technologies which don't just keep documents from prying eyes, but allow you to know who opened the document are all available to the modern security administrator, and can even work together to create an integrated defense network around the key assets in your company.Assume BreachGreat tools are not enough. We must adopt the right mindset in our battle against unauthorized access. As I meet with CEOs and Chief Information Security Officers, I am encouraged to see more and more executives adopting an "assume breach" mindset. These leaders recognize that businesses need to shift their thinking on identity management to better secure their networks and information, which will in turn lead to increased productivity. Companies that assume they've already been breached are more vigilant about monitoring login patterns and abnormal network interactions. They use the power of machine learning to quickly identify threats and anomalies before they culminate in more damaging attacks. Many of these capabilities may even be built into the same solutions used to manage and verify identities so that criminals cannot access the network in the first place:· I have worked with a major financial company whose excellent internal forensics joined with my team's detection systems to detect an attack in flight and stop the attacker before they were able to do harm. This response combined deep industry and company knowledge from the customer with our anomaly detection to quickly triangulate and intercept the attack. · We have worked with governments who sustain ongoing and determined attack to establish access policies that allow us to quickly identify "outlier" requests for challenge and scrutiny. · Another services company benefitted tremendously from assisted analysis of on premises traffic ­ because they assumed the bad guys were already there, they were able to detect and shutdown the breach as soon as it did happen. Conditional Access is KeyUsing risk-based conditional access to improve identity management is quickly becoming standard procedure, in part because we're finding new ways to reduce the burden on the user. Thanks to new authentication capabilities like biometric systems, users may no longer need to enter a password to enjoy the increased protection of multi-factor authentication.An intelligent access management solution combines smart local authentication with conditional access criteria based on things like location, app or device compliance, and session risk scoring. These tools allow IT to embrace the reality of users defining the new corporate boundary.By embracing new security paradigms and technologies along with the new productivity paradigms, creating more transformative user experiences and increasing employee productivity can simultaneously reduce risk. Embracing identities as their perimeter, adopting an assume breach mindset, and setting conditional access polices can go a long way toward helping your business stay out of the headlines. Cybercriminals are patient, and persistent. On average, an attacker will lurk on a network for 140 days before they are detected
< Page 8 | Page 10 >