Imposter Syndrome: Why You Can’t Separate the ‘Good Guys’ from the ‘Bad Guys’
Last week, I shared some thoughts around how the former king of cybersecurity, the strong perimeter defense, had been dethroned. Adoption of the cloud and mobile has blown open too many holes in traditional firewalls, and resources (data, applications, infrastructure, devices) are becoming increasingly hybrid or even located outside of the perimeter entirely.
When it comes to identity and access, it’s becoming harder, if not impossible, to distinguish the “good guys” from the “bad guys.” So, how do we separate bad actors from good actors without introducing massive inconveniences to users?
The answer lies in a Zero Trust approach to security.
Zero Trust means “never trust, always verify.” While that might sound obvious for IT and security professionals, the nuance lies in reducing our faith in those perimeter systems alone to keep bad eggs out.
“Knock, Knock” – “Who’s There?”
Today, 10 times the number of breaches occur from identity attacks (such as stolen logins or passwords) as security vulnerabilities, unpatched servers, malware, and the like. While those additional layers of security do matter, organizations must address the vulnerabilities which accompany identity.
This comes into play with something like Single Sign-on.
Single Sign-on (SSO) has some great security benefits, such as access through one portal and cutting down on the overall number of logins and passwords that users need to remember. But what happens if that person loses their device or those credentials are compromised? There’s a security gap and malicious actors now have free rein inside your domain.
The obvious solution is to balance SSO with something like Multi-factor Authentication (MFA), which sends unique codes or tokens to users every time they attempt to login. But wait, now the experience is cumbersome for users who are doing the right thing 99 percent of the time. How can the need for both security and a better user experience be achieved?
Building Trust Through Context
Most people understand that just because a user is connected to the network, doesn’t mean that they’re trustworthy. However, by learning from users’ habits and routine, organizations can start to learn or build “trust” for them through their login context.
This is called behavior-based access, and it’s the hallmark of next-gen identity and access management.
With the right technology, companies can leverage artificial intelligence and machine learning to understand when a user deviates from their normal behavior – such as if they’re on a new device or traveling – and only then grant access once another token of authentication has been verified.
While trust takes on a slightly different meaning in cybersecurity, it also means something important to the end user. The need to balance security without hampering their experience is paramount today.
But verifying every user is just one component of the Zero Trust model. In our next blog for this series, we’ll cover how (and why) you must validate every device.