As the number of people working from home grows, we’re seeing more cyber adversaries appear in the crowd. While their methods of attack may not be all new, their tactics for “getting in” are focused on the world’s new normal. CISOs, it’s time to revisit your identity and access management (IAM) initiatives.
Focus on strategy, technology, and education as they must all be bolstered and re-evaluated. What may have worked when it was only a minority of your employees working from home may not be enough to handle the massive influx of the additional work from home employees.
There are many things to consider as you take a closer look at your IAM strategy. For example, the more employees that work from home the more personal devices may be accessing your network. More personal devices accessing your network means an increase in single sign-on (SSO) and multi-factor authentication (MFA) traffic, and more SSO and MFA requests means more traffic through your VPNs and networks. You’re going to need to address these issues head on, and you’re going to need to do it fast. After all, IAM effects every part of your organization.
Ask yourself the following questions. Are the employees educated on the dos and don’ts of working from home? Have they had the appropriate level of security training? Are there policies in place that restrict access to certain networks based on roles and responsibilities? Can my directories handle the additional requests that it will be subjected to? Do I have a back-up plan in place?
A Gartner survey suggests that 48% of employees will likely work remotely at least part of the time after COVID-19 versus 30% before the pandemic.
These are just a sampling of the things to consider, and we didn’t even mention how you’re affected if you have an on-prem vs hybrid vs cloud-only infrastructure, or what you need to think about from a compliance perspective.
Here are some things that you can do to enhance your IAM security posture.
Increased user cybersecurity awareness and assurance
- Enhanced security training and awareness programs.
- Reinforce key security messages, cyber hygiene, and best practices when employees are working from home.
IAM infrastructure review
- Dynamic scaling to meet the new demand.
- Support for DevSecOps remotely.
PAM infrastructure review
- Seamless discovery of shared accounts, software, and service accounts across the IT infrastructure.
- Identification and continuous tracking of ownership of privileged accounts throughout their lifecycle.
- Establishing and managing privileged session to target systems for enhanced operational efficiency of administrators.
Secure VPN and remote working design
- Existing architectures will need to be scaled up and new architectures designed.
- Router and firewall security configurations will need to be set and assured.
VPN, application penetration testing and remediation
- Cybersecurity configs implemented correctly.
- Known vulnerabilities mitigated.
- New vulnerabilities identified.
- Assurance of effectiveness of remote working controls.
- Audit and monitor user accounts.
- Data leakage prevention.
- Consider user entity behavioral analysis (UEBA) implementation.
- Limit extended privileges in remote working.
- Evaluate and audit your company’s current IAM strategy considering above.
- Remotely diagnose problems.
- Log and data analysis.
- Anomaly flagging.
Having an upgraded IAM plan in place will not only let you sleep better at night; it will also give you an array of business benefits that include:
- Improved agility to respond to business changes
- Reduced IT complexity and operating costs
- Easier outsourcing to cloud and third parties
- Improved compliance
- Better visibility on who has access to what within the enterprise
For more information on Capgemini IAM, please visit https://www.capgemini.com/service/cybersecurity-services/identity-access-management/
This blog is co-authored by Jeyanth Jambunathan.