Recently, ransomware attacks have been on the rise, wreaking havoc on education facilities, gas pipelines, hospitals, meat processing plants, and more. These attacks have increased in frequency so much that FBI Director Christopher Wray told the Wall Street Journal that, “the agency was investigating about 100 different types of ransomware, many tracing back to hackers in Russia, and compared the current spate of cyberattacks with the challenge posed by the Sept. 11, 2001 terrorist attacks.” In an era when companies are expected to have iron-clad cybersecurity, how is it that so many hackers are penetrating their defenses?
In the past, assigning risk to data was confusing and many folks were not certain if a particular alert should invoke an action or if it was merely a part of the seemingly endless stream of alerts coming in. There never seemed to be enough prescribed data owners and always too much finger-pointing going on. In addition, many companies did not truly understand the context of usage for the sensitive data. Access control lists give visibility into who has permissions, but if that person left the company and their access remains open to sensitive data—that leaves a big hole for hackers to enter.
Today, most companies understand data stewardship aka taking ownership of a company’s data while also assigning associated risks. Someone must be responsible for the data and that person is typically a member of the senior management staff. However, it remains a complex problem to find the correct person per data source and apply the appropriate risk management policies to protect information.
Listen to our latest podcast with Ping on Identity protection and defensive strategies.
4 Ways Organizations Can Establish a Zero Trust Security Model
1. Pay more attention to data leaving the network
They need to really look at their cybersecurity program through an identity-centric and status-centric view. Getting familiar with information from this point of view (labeling most critical data, applying appropriate risk) enables data stewards to help stop information from leaving the network without the necessary permissions.
2. Change your mindset
There needs to be a shift in the corporate mindset in the direction of looking at “what risk” is associated with “what data.” Only by applying these data associations will companies be able to mitigate some of these bad security breaches and data losses. In essence, zero-trust has become the ethos of cybersecurity and it is all related to data, identity, network, and application (OSI Layer 7 models). Looking at zero-trust is a very good method to mitigate the risk of a data breach because identity and data intersect—you cannot get to “least privilege” on data without first knowing the identity.
3. Authenticate and authorize every user
Authenticate and authorize every user and service while also realizing that everything is hostile until proven otherwise. A lot of companies have been passive about this in the past. What controls are in place to make sure the account is destroyed? Are you making sure the identities are appropriate to the person? Are you destroying permissions when appropriate? Company management—not just IT personnel—needs to understand the human identity and the identity of the processes in order to be effective against today’s bad actors.
4. Shift your security model
Security models need to shift to match all the digital transformations and there are several things to do to make the process easier:
- Single Sign-On (SSO) everything.
- Place Multi-Factor Authentication (MFA) everywhere.
When you bring them together you get a big step towards a “passwordless” environment. Ping Identity has been doing SSO for a long time, using behavior analysis and machine learning to trigger events in the identity platform to control user behavior. Because zero-trust is a team sport, Ping Identity can assist by pushing and receiving data so appropriate teams can act.
Remember, the goal of the cybersecurity expert is to provide the availability of data so people can do their jobs while maintaining confidentiality and integrity. Assigning risks, SSO everything, MFA everywhere, and using a platform such as Ping Identity, will absolutely strengthen any cybersecurity posture.
Need help getting started? Reach out to Anexinet to learn about our Identity and Access Management Modernization Assessment. Our assessment evaluates your goals, policies, and processes to provide the strategic plan and business justification for strengthening, maturing, and modernizing your Identity Management Program.