Data security: Rethinking the perimeter

By | January 3, 2017

Business computing is the new buzzword these days. It is happening everywhere, offices, homes even on smart phones. Because of this, one can witness the transformation so caused in work as well. As per Harvard Business Review, every employee, company and even industry of the economy now deploy digital technologies.  And as per Okta’s recent report, on an average, organizations deploy between 10 and 16 off the shelf cloud apps and this number has grown almost 33% over last year.

This number clearly signifies that organizations irrespective of the size are concerned and are taking steps to secure increasingly mobile workforces. Nevertheless, cloud enabled technologies are helping individuals to be productive along with it bringing a range of challenges. Day by day, the number of employees using personal devices to access both work and personal information is increasing, thereby eliminating the traditional work culture. One challenge is that with data and information shifting to the cloud, security teams is able to look for a part of user activity on the enterprise’s personal internal systems. What can they do to secure their perimeter without comprising user productivity? Enterprises should concentrate on safeguarding user identities rather than having a secured network.

The Identity Perimeter

According to a recent report by Accenture, 51% of top decision makers of the organization are worried about the security as a challenge for taking digital technologies on board. Organizations have acknowledged the fact that applications are present outside the firewall., passwords are increasingly becoming a liability and devices are no longer controlled by IT that accesses enterprise data. For keeping end user computing secure, a better way is needed to control and secure an increasing number of users, applications and devices which spans network boundaries and traditional company.

Outmoded security approaches have always focused on founding network perimeters and then the layers of the firewalls, IDS, VPNs and DLP systems to fragment and secure data and users. However, the actuality these days is that users define the network perimeter and more precisely, their identity. Something that has become complicated is safeguarding this network perimeter and handling identities access to applications. IT should understand the access to data and applications should be given to whom, what are they doing and where they are accessing the data.

Thus, many enterprises are focusing beyond securing the network and enterprise owned devices, safeguarding internal and external individual identities and information instead of just devices. Taking into consideration contextual data about devices and users and behavioral patterns, unauthorized attempts can be detected more accurately to access enterprise data. With this the risk can be better mitigated by IT individuals from a security breach to efficiently guard the business.

Regaining Control Through MFA

The growth of social media has served as platform for attackers to misuse personal information in order to respond to typical security questions. This is triggering a huge number of organizations to deploy MFA (Multi Factor Authentication) to be protected against the series of malicious activities that are carried by stealing login credentials.

MFA which is extremely secure authentication mechanism is basically using two or more diverse types of authentication like a password and a temporary key which is directed to a user’s phone, email address, dongle or application in order to ensure that users are as true against the identity provided, eliminating the jeopardy of unauthorized access.

Even if the password is stolen, when MFA is deployed, attackers cannot access the account without also deceiving the second authentication mechanism. It is more difficult for attackers to break the perimeter when more contextual data is used by the organization to authenticate a user.

Minimising Risk in the New Perimeter

Nowadays, everything is around identity. With cloud hosting booming, it has become imperative to adopt a holistic approach for network and its surroundings irrespective of its complexity. Handling identity with single sign –on as well as provisioning offer organizations an improved way to control and have a secured access for increasing number of users. With this approach, IT decision makers can benefit themselves from real time data and the agility to respond to the continuous changing workforce and enlarged acceptance of applications.  In short, such solutions make sure that all users get themselves aligned with data security procedures, passing more control to IT on different applications, user types and access points will be connected to its cloud structures.

Adopting the new approach and handling identities with SSO will help organizations to rapidly and securely familiarize with the every changing surrounding. Minimize the concerns on visibility of devices, applications and users, delivering individuals with access the applications they require, where and when they want them, eventually growing their productivity.