Access management key to secure data
There’s a quip in the IT industry: Who is driving digital transformation in your company: the CEO, the CIO or COVID? And, of course, the response is generally COVID.
While COVID-19 has precipitated organisations along an accelerated digitalisation path, the very speed with which it happened has had some unpleasant and sometimes downright dangerous consequences.
Bertie Neethling, RSA Brand Manager at First Distribution, points out it has quickly become apparent that the way we access the corporate network has changed radically, with the edge and the cloud now as much a part of the mainstream as the core data centre ever was.
“While moving workloads from on-premises to the cloud has become easier over time, there are risks associated with it,” he explains. “You have users trying to access data or workspaces from home: Even if they are using the office VPN (virtual private network) or cloud workspace, quite often they do so with little or no security on their own computers.
“Organisations find themselves having to strike a balance between security lenience and being too restrictive,” Neethling adds. “It’s when you get this balance right that you have a good cloud strategy.”
With users accessing the corporate network from just about anywhere, on any device, cyber criminals are having a field day and the rash of security compromises we’ve seen in the past months indicates just how successful they’ve been at breaching IT’s defences.
“The most common weak point is still e-mail,” Neethling points out, “with criminals making very effective use of phishing to gain access to users’ devices. From there the threat actor can easily get into the corporate network, do a reconnaissance and then launch an attack to either steal data or encrypt it for a ransomware demand.”
The best way to mitigate these threats is with effective access control, to ensure that only authorised users are able to access applications and data.
“A well-functioning access management system will assist in protected assets and limiting the access that threat actors have within the system – it puts the right protection in the right place,” Neethling explains.
While security in itself is desirable, there are now also regulatory consequences of a lapse since the Protection of Personal Information Act (POPIA) came into effect last month.
“POPIA is forcing companies to pay more attention to where their data resides and who has access to it,” Neethling explains. “In the past, security was often a box-ticking exercise, something you had to pay lip service to in order to get the compliance officer off your back.
“But now POPIA is making organisations take the issue of cyber security a lot more seriously because there are big fines involved for non-compliance.”
RSA has launched its SecureID access management solution, which Neethling says goes beyond two-factor authentication to truly protect data.
“SecureID provides a risk-based authentication solution that analyses location, behaviour and device to determine risk,” he explains. “And it does so without making security onerous for the user.”
For instance, if a user normally logs in from one IP address, and that changes, the system will challenge the user with a security question or two-factor authentication. “As soon as the user’s identity is confirmed, they can work as normal without having to jump through further hoops. It really is just a step to ensure that the person logging on is the right user.”
Behavioural analysis uses artificial intelligence (AI) and machine learning (ML) to track how the user typically interacts with the system, and will raise a flag if this changes.
These algorithms can pick up how the user types and clicks the mouse, even the number of words per minute that they type, whether they use caps lock or shift and more. “It picks up a lot of the small things a user does and registers their individual quirks,” says Neethling.
“AI can be quite daunting, but since cyber criminals are using these tools to steal our data, if your security solution is not looking at AI or ML, it’s behind the curve.”
With SecureID, legitimate users still have seamless access to the corporate network, Neethling explains, but illegitimate users won’t be able to authenticate.
“This doesn’t mean a legitimate user who fails a security question will be permanently locked out of the system. You set the rules on how you want users authenticated, and any exceptions will trigger an alert to the administrator who can then investigate further and either allow or disallow the user. These rules are based on your company policies and can be as strict or as lenient as your policies dictate.
“At the end of the day, SecureID is all about ensuring the right person has access to the right data. It’s a good tool to have in place for a zero-trust security environment as it offers organisations a higher level of access control.”
SecureID can be delivered as software as a service (SaaS) or installed on-premises as a cloud or hybrid cloud solution.
“It really depends on the user’s environment and how they wish to work,” says Neethling. “RSA is able to fit in at any stage of the customer’s digital transformation journey, and can protect the organisation on all platforms.”
Partnering with First Distribution
First Distribution is an RSA distributor in South Africa and sub-Saharan Africa and works with an extensive network of partners to bring the SecureID solution to market.
“We assist our partners with pre-sales consulting in customer meetings – physical or virtual, and offer post-sales support. We also actively market our products and solutions in order to drive demand and generate leads.”
“Our main focus is to add value to what the partner brings to the market; so for start-ups we can offer technical expertise; other companies might need sales support, so we offer that.”