Secure the Enterprise
Jerome Becquart of ActivIdentity, part of HID Global, discusses the challenges facing CSOs in securing the enterprise, and how a multilevel security approach can help safeguard the enterprise and minimize the risk of potential security breaches.
What have recent headlines taught us about enterprise security breaches, and how can enterprises increase security?
The perception that organizations are untouchable and security cannot be breached is something of the past. In the first five months of 2011, we saw 178 million to 218 million user accounts, e-mail addresses, token seed files or records stolen from companies that were breached. In the wake of recent high-level security breaches, CSOs must be ready to answer the tough questions CEOs are asking about their organizations' security preparedness.
As threats become more sophisticated and frequent, security measures such as perimeter defense and traditional OTP no longer offer sufficient protection. By implementing a multi-layered approach with a combination of smartcards and advanced OTP tokens, the security organization can validate and authenticate users’ access to resources, providing a trusted environment for users.
Why are enterprises more vulnerable today? Where are these vulnerabilities?
Traditional security methods such as static passwords and authentication at the perimeter are almost obsolete for protecting employee credentials and enterprise data. Restricting employee Internet access has proven impractical, because it interferes with daily business operations. As the value of customer assets increases, so does the value of getting into these assets. Hackers are using social networks to breach the system, assuming employee identities. Once they have penetrated the IT network, hackers can easily access sensitive IT resources and valuable corporate information.
How can companies have a security solution that addresses the global scope, frequency and sophistication of today’s threats?
They must create an environment in which employees can establish trust in the identity of anyone accessing resources, particularly sensitive information. CSOs need to feel confident about the steps they have taken to protect the network and resources. They also need to implement an enterprise identity assurance solution that validates users’ identities, authenticates their credentials and provides access based on these credentials. Enterprises need to make sure the security environment does not have an impact on daily business activities and that they educate employees and keep them informed.
Some organizations are implementing perimeter defense systems and smart tokens. Does this strategy address advanced persistent threats?
Yes, multi-layered strong authentication inhibits an attacker’s ability to escalate account privileges or leap laterally to compromise other users’ accounts. Using smart cards to secure VPN, Windows login and server access can significantly reduce the risk of breaches. Employing OTP tokens with algorithms based on multiple variables is also a good strategy.
As a part of HID Global, how can ActivIdentity help enterprises strengthen their security strategy into the future?
I believe that as part of HID Global our identity assurance solutions will be able to meet the customer needs of today and the future. Identity assurance solutions must be adaptable and scalable to meet the needs of the enterprise at all levels, and I believe we can provide customers with this solution. I foresee in the near future that a CSO priority will be convergence—the use of a single credential to authenticate to a PC, network, applications, digitally sign emails, encrypt data and open a facility door.
For more information, please download the white paper, "Deploying Strong Authentication: The Threats Are Changing . . . Are You?" here.