Apr 13, 2021, 13:52 PM
Riaan De Villiers
The lockdown has forced many employees to work from home. Working from home allows businesses to keep operating but cybercriminals have been targeting home users.
Today we look at identity and access management as a means of protecting your organisation.
Identity management during the ‘new normal’
It is no secret that the COVID pandemic changed the way businesses work. During the lockdown, a lot of workers were forced to work from home.
While working from home allowed business to continue to function, it added to the frustration of overburdened I.T. departments who had to cope with the rollout of new solutions (for instance Zoom, VPN, Teams, etc.) to meet the requirement for users to work at home.
Working from home helped businesses to keep on going, however, cybercriminals saw it as a new opportunity to attack remote workers since many home offices are not as secure as corporate networks.
User’s credentials are one of cybercriminal’s most sought after commodities. The stolen credentials can be sold on the dark web or used to expand attacks on corporate networks. A report by Forrester Research have found that almost 80% of data breaches involved weak or stolen credentials.
Increased cyberattacks and more systems to log into (increasing the attack surface) is placing a burden on not only the I.T. staff but also on the users. The users have to remember an increasing number of passwords which could lead to users selecting weaker passwords and reusing passwords on different systems. During this ‘new normal’ it is becoming clear that Identity and Access Management (IAM) is a critical component of any organisation that is serious about cybersecurity.
An IAM is a system that secures and manages user identities to various cloud and on-premises solutions. The solution implements strong cryptographic techniques to ensure that users are who they say they are.
A good IAM solution will allow IT departments to easily deploy single sign-on and multifactor authentication across multiple different platforms. The user is authenticated once and is then granted access to the resources they require to work productively.
There are multiple advantages of implementing an IAM solution.
The IAM system will give you an administration console from where all the users and their access policies can be managed, elevating the administrative burden on I.T. staff.
Improved user experience
IAM will not only make life easier for the I.T. staff but also for the employees of the organisation. Providing users with a single sign-on solution will eliminate the need to remember passwords for multiple systems.
Multi-factor authentication can be added as an additional layer of security.
Achieves audit and regulatory compliance
Greater control over user access will allow the I.T. staff to audit how and where a user’s credentials were used and see who accessed a certain resource. Detailed log files will give administrators a better understanding of system events that happened.
User access can furthermore easily be revoked when it is required, for example, when a user leaves the organisation.
Access from everywhere
Perhaps one of the greatest benefits of IAM is access to the organisation’s systems from anywhere. Users can work productively no matter where in the world they are.
With no end to the lockdown in sight-, organisations will have to learn to cope with the ‘new normal’. A good IAM system could help any organisation cope with the demands of users working from home and the increase of cyberattacks against these users.
To find out more about LAWtrust and how LAWtrust can assist your organisation simplify user management, contact us today.