The emergence of Cloud or Anything as a Service has changed how we go about our professional and personal lives. To think, it’s not long ago that everything was run from the ‘comms room down the hall’ and the hypnotic dancing of green flashing lights signalled that all is good in the world of IT. Back then the office had all the tech, but now times haved changed.
In business, the Cloud First approach is disrupting in a way no one would have ever predicted, and while there are significant and obvious advantages to increased mobility and cloud, not everyone can see the silver lining.
For the security team, Cloud brings a lot of change and usually under the banner of Digital Transformation. The Security role is quite different, the skills are different, the infrastructure is not always their own, the applications are evolving and the entry points for a hacker are every increasing. What was once a mostly static and robust security perimeter now needs to be adaptable and scalable in order to integrate into an ever-changing IT landscape, particularly as access to resources is expected from (almost) everywhere!
One area that may have not been a major concern for security in the past, but is now a key consideration, is user experience. Simply put, if security controls are implemented without consideration for User Experience, then its highly likely that productivity will suffer. The biproduct of this happening is that people then find their own (innovative) way of doing things, without any consideration for security, introducing even more Shadow IT to the mix.
But it’s not all about technology, as Mark Child, European Security Analyst at IDC, points out in the below clip. Processes are of vital importance. Yes, Single-Sign-On (SSO), Multi-factor Authentication (MFA), and Enterprise Password Management (EPM) can support the user experience objective, but if defunct credentials are not removed, or access privileges are not updated then cyber criminals have a weak point to target.
During our recent LastPass Exchange, Identity and Access Management (IAM) was put under the microscope by our panel of industry experts: Graham Cluley (Cybersecurity Expert and “Smashing Security” Podcast host), Martin Overton (Ethical Hacker, Forensics & Malware Expert) and Mark Child (Research Manager European Security, IDC).
Watch this short video cut-out to get Grahams take on IAM and why it takes a blend of tech that’s easy to use, while Martin tells us what the focus is for ethical hackers, using real breach work to support his point. Martin also tells us how breaches can be made a lot harder for cyber criminals. Finally, Mark highlights why Trust is of vital importance across the supply chain and where the spend is going when deploying Identity and Access Management solutions.
If your business has any of the challenges discussed by our panel, take out a Free LastPass Identity trial.
And if you found this video helpful, stay tuned for more on topics such as the power of finding a common language with other teams in your business.
Here’s a link to the first blog of this series.