Internal affairs: Threats within your organisation
By Edward Lim December 30, 2015
- The perimeter-based approach has been shown to fail
- Need to ensure that only the right people have access to the right resources
11,000 new connected devices a day – that’s how aggressive connected devices are growing in the next five years, based on Gartner’s predictions.
Smart device penetration is accelerating, with many users in Asia owning more than one. The push for the Internet of Things (IoT) will also contribute to the rise in the number of connected devices.
Connectivity has enabled the creation of a borderless work environment which benefits many multinational companies based here in Asia. From a growth strategy point of view, connectivity has also opened up the possibilities of expansion into new geographic locations and market segments.
Connectivity has also shaped the way employees work and how internal operations take place. Travel has been reduced with more emphasis on virtual meetings, and job scopes have also evolved with the increased capability to communicate more regularly and to more parts of the world.
More importantly, employees are more mobile given that they can access company resources at anytime, anywhere, from devices like smartphones, tablets and laptops. The proliferation of smart devices, complemented by the adoption of cloud computing, has definitely contributed to the growth.
However, this convenience comes at a price. The rise of Bring Your Own Device (BYOD) signifies that many employees are using their own devices to communicate and access the company infrastructure.
While this removes the need for companies to provide devices, it also means more unprotected devices tapping onto the network.
Moreover, a lot of companies do not have stringent BYOD policies. This exposes organisations to more security vulnerabilities and decentralises their digital environments.
While technologies, tools and platforms have advanced, companies continue to rely on traditional protection technologies like firewalls, antivirus and intrusion detection systems to prevent breaches.
Cybercriminals are also becoming more sophisticated with new tactics, techniques and procedures to circumvent traditional solutions.
Enterprises today require a comprehensive security solution in a landscape where a perimeter-based approach has been shown to fail.
The common approach involves companies purchasing specific security solutions to maintain data integrity, which creates an issue because a piecemeal approach hampers the IT departments from having complete visibility over the identities’ of employee access to corporate networks.
This results in holding up employee productivity while business demands take a backseat.
At the same time, users demand quick, remote access to corporate resources. Companies may not always be able to address these needs, and this eventually leads to a situation that will begin to frustrate internal and external stakeholders in a world that demands instant access to resources and applications.
A delayed response to access issues will eventually lead to employees and business units to disregard IT rules and take matters into their own hands – the rise of ‘shadow IT.’
These covert IT applications, solutions and systems are created and applied to internal networks in order to get the job done.
However, this overrides security policies, procedures and tools placed to prevent corporate and personal data loss, opening the door to damaging breaches which can be costly – both monetarily and to the reputation of the organisation.
IT departments typically only realise the identities of the offenders when technical problems develop, or when internal integration with corporate applications are required.
Such instances call for organisations to ensure that IT departments recognise the need for identity access in order to assume an authoritative role.
From a company’s security perspective, identity is important by virtue of being the only tangible concept of a foundation to ensure that only the right people have access to the right resources in a corporate network.
This is similar to the concept of owning a driver’s licence, a recognised identification document issued by a governing party that can be used for access in multiple environments.
Such a policy would vastly improve the horde of users accessing corporate resources, but allow businesses to achieve sustainable compliance across the enterprise.
In a data-enriched world, it’s inevitable that businesses will seek to constantly be one step ahead by taking advantage of analytics to directly impact company growth. This rings especially true for industries such as the government, financial services and telecommunications which carry valuable data.
In RSA’s Cybersecurity Poverty Index 2015, research showed that the government (18%), financial services (34%) and telecommunications (50%) sectors are ill prepared in terms of cybersecurity maturity (developed or advantaged capabilities), clearly illustrating their susceptibility to attacks as well.
To keep pace with advancing threat realities, enterprises need a smarter solution that protects from the end point to the cloud so as to embrace cloud-based applications without sacrificing security.
The game-changer will be the ability to provide a unified approach that is built for ever-evolving IT environments, and the need for identity management to be aligned with business priorities and concerns.
This means that the traditional silos of identity management systems are now at best mediocre methods of approaching identity within the business context.
Faced with heightened pressure to adhere with laws, regulations, and privacy policies, it is necessary for organisations to react with adequate access controls to help defend corporate data and assets – including privacy-related data such as customer information.
This is the beauty of end point to cloud security solutions – agile, centralised, intelligent enhancements that can provide rich context across all resources, users, and attributes that facilitate compliance confidence as well as access-related business processes.
Moving past antiquated technologies and misguided practices, it is imperative to establish a renewed mind-set toward a long-term cyber blueprint.
Despite the progressive advancement of protection, focused adversaries will eventually discover unique means to conduct attacks.
For Asia Pacific, this requires acknowledging that the former protection and prevention proposition is no longer effective.
Attackers have repeatedly broken perimeters and the rules of engagement have to change – make use of the tools that will be capable of detection and provide a faster response. Instead of relying on an outdated strategy, companies must proactively identify and respond to threats.
The absolute verdict is clear – organisations must grasp total visibility of their networking environment to be ready for the possibility of an attack across any and all assets.
By employing an all-round defence both digitally and mentally, companies will assume a more advantageous position to safeguard the blind spots that attackers will go after.
Edward Lim is the South-East Asia managing director at RSA.
Cybersecurity is about people too: FortiGuard strategist
Privileged accounts and insider threats
No 1 security vulnerability is careless or unaware employees: EY survey
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.