Blog

I Think Therefore IAM

Descartes probably didn't have Identity and Access Management in mind as a 17th century philosopher, but for security professionals that’s not a philosophical statement – it should be a way of life.

April 30, 2015
EmailTwitterLinkedIn

Descartes probably didn’t have Identity and Access Management in mind as a 17th century philosopher, but for security professionals that’s not a philosophical statement – it should be a way of life.

IAM is defined as “the security discipline that enables the right individuals to access the right resources at the right times for the right reasons.” by Gartner. As more and more breaches hit the news, IAM is becoming more of a focus. It’s not enough to know that your data is secure, but do you know who is using it; when they are using it and why?

You cannot rely on just one strategy to ensure security. Rob Enderle suggests a 3-level approach. Do you rely on just one? As many firms are realizing, there is no single magic solution. At the very least a strategy that has multiple layers that is well-defined, broadcast to the organization and re-enforced with continued training is imperative in this day and age. It’s the responsibility of Security teams to identify and mitigate risks, but is the entire organization that has to have the thought of potential threats on their mind.

It’s not just the generous Prince of a foreign nation that we have to fear. As we know, hackers and infiltrators are becoming more and more sophisticated. It’s not necessarily a blunt-force attack that we need to look out for. The well-thought out and strategically approached assault is what needs to concern security and IT people.

If you know who has access and who should be accessing information, then you can set a baseline for business-as-usual. If credentials are compromised, then you should be able to tell when anomalous behavior is taking place. The time from assault to detection is vital. The sooner you know of an intrusion, the sooner you can remedy the situation. If an attack is not detected for a period of time, then no matter what controls you have in place, the proverbial barn door has been opened for too long.

Having complete knowledge of what is going on in your environment takes time. You have to first understand what you have, whether appropriate controls are in place, and what your legacy environment was like before the controls were put in place. If you communicate the need for diligence to your company, understand that not everyone will take threats seriously. It is the ability to detect anomalous behavior that will be your strongest defense against intrusion.

The evolution of cybersecurity

According to Gartner, IAM “enables the right individuals to access the right resources at the right times for the right reasons.” As more and more breaches hit the news, IAM is becoming more of a focus. Above all, it’s not enough to know that your data is secure, but do you know who is using it; when they are using it and why?

So what?

According to Rob Enderle, relying solely on one strategy is not enough to guarantee security. Many companies are now recognizing that there is no one perfect solution. It is essential to have a well-defined plan with multiple levels, effectively communicated and continuously reinforced through training. While security teams can identify and mitigate risks, it is important for the entire organization to be vigilant of potential threats.

The Bottom Line

We need to be careful of leaders from other countries who claim to be generous. We know that hackers and intruders are always coming up with new ways to attack. It’s not just about a direct and strong attack. We need to watch out for planned and strategic attacks, too.

Knowing who has access to information and who should be granted permission to view it is vital. Because, in the event of a breach, identifying and addressing the threat is crucial. It’s really important to detect an attack quickly so we can respond before it’s too late. A delayed attack detection can cause harm even with security measures in place.

Conclusion

Knowing everything happening around you takes time. You need to understand what you have and if there are proper controls in place. Therefore, you also need to know what your old environment was like before the controls were added. If you tell your company to be careful, not everyone will listen. Being able to spot strange behavior is your best defense against being hacked.

Stay in the loop

Join our mailing list and get notified of the latest SPHEREinsights