Controlling Access is the Key to Cyber Security

Access is the greatest opportunity and the greatest threat for businesses engaging with the online economy. Increasingly, our business systems gather, digest and disperse data throughout our operations, including confidential details about customers, employees and business partners. Mature cyber security processes are vital to protect this confidential information from unauthorised access, which can expose businesses to punishing and potentially lethal brand damage. In fact, even a cursory review of 2016 cybersecurity breaches — including the Yahoo! billion-user revelations, the DNC hack during the U.S. presidential election and the $81 million malware attack against a Bangladeshi bank — reveal their unprecedented size and impact.

If you get the impression that things are getting worse, that’s because they are.

A recent cyber security report by Telstra, Australia’s largest telecommunications company, reports that cyber crime in that country doubled in just 12 months due to the emergence of the Internet of Things (IoT) and virtual cloud environments. It states that 59 per cent of organisations in Australia detected a business-interrupting security breach at least monthly during 2016 — more than twice as often as in 2015. Furthermore, the Telstra report concludes by observing that more organizations are being successfully targeted by cyber security attacks than ever before.

“Cybersecurity is everyone’s responsibility and it needs to be built into the DNA of the organization,” the report recommends. “How well organizations respond to this challenge may well be an indicator of how successful they will be in the future.”

Industry research shows that most data breaches arise from a single point of vulnerability — compromised credentials.

“As always, compromised credentials, whether they were obtained through phishing, spyware or brute-force methods, played a major role in many data breaches,” stated Verizon in a 2014 report.

Centrify increasingly hears from customers in Australia and globally that the plethora of cloud-based applications within the enterprise is making them more vulnerable than ever before. For example, if an employee uses 10 cloud applications, that person has 10 usernames and passwords to manage. For an individual, managing that many online identities is a challenge. Scaling that scenario to hundreds or thousands of employees within an organization and the IT department faces a herculean task to ensure that passwords are securely set and secured.

When an employee leaves the organization, someone in the IT department must ensure that these cloud credentials are either rescinded or reallocated to another employee. The lack of a quick and easy deprovisioning process for cloud applications — many of which may hold confidential customer or commercial data — is a gaping hole in the security posture of many organizations, especially those that lack rigorous password hygiene.

Customers are choosing Centrify for our ability to take away the pain of password management through the single sign-on capabilities of our Centrify Identity Service (CIS).

Rather than depending on employees or IT staff to maintain the integrity of access to diverse online systems, CIS improves end-user productivity and secures access to cloud, mobile and on-premises apps via single sign-on, user provisioning and multi-factor authentication (MFA). So, as organizations increasingly exploit business opportunities in the online economy, Centrify equips them to minimise cybersecurity threats in the Age of Access.

Learn more about Centrify’s identity and access management solutions here