When one thinks about keeping the home and family secure, the first thought is to take up residence in a secure location – ideally, a guarded and gated community.
The second is to carefully secure the perimeter of the house itself: the doors and windows – the points of access. Sensors are wired to each opening, cameras and motion detectors are aimed at carefully selected places, and monitoring is switched on. When it’s all plugged in and working, we are confident that our homes are safe.
But we also need to keep track of the residents of the home and ensure their cooperation with security measures. Who has a key? Do they routinely close and lock the windows? Because even the finest perimeter defences are readily breached by the actions, intentional or not, of residents. What can happen when someone leaves a key under the doormat for an expected visitor?
In the gated community example, our traditional defence is focused on securing entry and exit points, and assuming that residents will make no action to breach security. And in the vast majority of cases that will prove just fine. But we in our houses are not continually subject to attackers seeking to trick or cajole us into one simple mistake; a mistake that, once taken, will crack the most airtight security, exposing our homes to the depredations of criminals.
When cybersecurity is focused solely on the perimeter, then an organisation fails to mitigate its greatest risk – its workers. Workers can both knowingly and unknowingly breach even the most secure perimeter defence with a single, careless mouse click.
Secure perimeters require secure workers
An organisation’s workers are its chief assets – the means by which value is delivered. But they’re also a massive liability in terms of cybersecurity. And new trends within the technology-enabled workforce are making things far worse.
Today’s IT organisations are expected to equip their workforces with the devices that make the most sense for the organisation, while also satisfying the ever more demanding individual worker. Whether it’s supporting preferences between Mac and PC, providing immediate access to apps and services, or allowing workers to use their own mobile devices for work, the workspace has truly become digitised – and therefore more vulnerable, compared to the days when each worker had his or her own locked-down desktop PC, and worked exclusively from the office. But as IT continues to support mobile work-style requirements, a whole slew of security-related IT issues are being raised; and the most serious threats to today’s security are stemming from the inside.
In a time of “do more with less,” IT departments are struggling to provide basic protections against malware, ransomware and spyware, and to secure firewalls to prevent outsider attacks. But is enough attention being paid to those they trust the most – their own workers? This insider threat is no secret. A recent global study by Kensington entitled “Voice of IT” revealed that IT executives pegged the following as their biggest pain points when it comes to IT: human error, lack of process and workers not following established processes.
What can companies to do streamline IT processes and find solutions to insider threats? After all, within the “gated community” of organisational security, the user is the last line of defence.
A gap too big to span?
One of the biggest debates in recent years when it comes to the digital workspace is bridging the gap between worker enablement and security. It’s an old conundrum in IT: new technologies are constantly being layered into the infrastructure, but hardly anything is ever thrown away.
The result is a hodgepodge of hybrid technologies seeking to solve the same problems. And this is far from invisible to workers, who are often required to shift from app to app, from physical to virtual, in an awkward sequence of steps that has them longing for the relative simplicity of the consumer technologies they enjoy at home.
And IT security is perhaps the greatest culprit in the disruption of worker productivity. Is your organisation overwhelming your workers with too many checkpoints to cross and too many updates to install? Are your existing security systems working together? And if so, are they working together seamlessly? Organisations must create a safety net around their workers – the risks of cyberattack are too great to do otherwise – but they must do it in a way that doesn’t inhibit individual productivity, allowing workers to work when and where they choose, on the devices that are most productive for them.
And all this must be accomplished with safety controls in place to prevent them from being the source – witting or otherwise – of security threats.
Yes, there are solutions
IT must be continually on the defensive, protecting workers and the infrastructure from easy-to-make, yet potentially tragic mistakes. And, good news: there are several decisive steps an organisation can make that will secure the organisational community without undue impact on workers.
Deploy automated, context-aware access controls
Automate the many processes and workflows that govern the access each worker has to apps, databases and services within his or her digital workspace.
Technology is available now that will: 1) Govern what resources can be accessed for each person, based on their immediate working contexts, including the devices being used, physical locations and time of day, 2) Automatically provision and de-provision those resources as needed based on that working context, 3) Track that access gathering data necessary for guaranteed, easy audits
Low-maintenance whitelisting with automation
Human behaviour is your greatest security risk. And today’s cyber crooks are becoming increasingly creative in their attempts to exploit human inattention. Context aware whitelisting and blacklisting can ensure that only permitted apps can be executed; and the list of permitted apps can be governed by IT based on what the business chooses to allow, and each individual worker’s context at the moment access is attempted. Whitelisting adds a thick layer of protection by only allowing approved executables to be opened.
Although many organisations have some form of whitelisting in place, maintenance burdens can be high for traditional solutions. A new approach can not only use automation to better maintain the whitelist, but can add user safeguards by automatically verifying unique file signatures. This ensures that the files being executed are authentic and that workers aren’t being tricked into opening different infected files.
Automate the onboarding and offboarding of workers
More than 13 per cent of workers can still access a previous employer’s systems using their old credentials. And there’s much more. In a study on rogue access, Intermedia found that 89 per cent of ex-workers retain access to at least one app from a former employer. 49 per cent actually logged into an account they were supposed to no longer have access to and 45 per cent retained access to confidential data.
When employees leave the organisation that is the moment they pose perhaps the greatest risk to the organisation. IT must tightly integrate de-provisioning processes into existing human resource apps, project management systems and other enterprise identity stores. Doing so allows worker access qualifications to be automatically managed and altered each time a worker’s identity status is changed in those systems.
With a more holistic approach to identity lifecycle management, organisations can significantly improve productivity, compliance and security – and prevent former employees from exposing the organisation’s data and systems to extremely high risk.
Stamp out “Shadow IT”
Today’s crop of workers are productive like never before, thanks to the incredible technology available through modern digital workspaces. But this productivity also breeds an “I need it right now” attitude towards new technologies. And if IT can’t provide it “right now”? Often the worker’s solution is just a log in or credit card away, with ubiquitous cloud-based solutions studding the skies overhead.
The risks are great. IT must prevent employees from taking matters into their own hands to solve IT issues. But is shadow IT best prevented by hiring an army of alert IT professionals, available 24/7? Or is there an easier (and cheaper) solution? Yes! Through automation, IT can provide on-demand, self-service access to the apps and services workers need, and prevent workers from circumventing access rules. This can include password management, access to a new data drive, or a request for a particular workspace app. The best way to prevent workers from going around procedures is to give them an instantaneous, trackable and reliable way to get what they need from IT. No hassles. No tickets. No violations.
Security should come naturally to an organisation, but it will likely never become second nature to many of your workers. When we’re at home, we’re surrounded by a sense of security – no matter how real or illusory it truly is. Many of us don’t truly think about security unless our perimeter is breached. But IT can build a powerful security shroud around its systems, its data and its workers, by using automation and self service to simplify security processes, empowering workers to focus on their responsibilities without disruption, and keeping the enterprise safe from intrusion.
To be sure, no security solution is perfect. But we owe it to our organisations and our fellow workers to do our very best.
Stacy Leidwinger, VP of Products at RES
Image source: Den Rise/Shutterstock