We’re Trusting You With These Top 4 Takeaways From Our Risky Business Webinar
In our "Risky Business" webinar, we discussed where the industry is today in terms of Zero Trust maturity; perspectives on how it’s evolving in the realm of identity and access; and how AI will transform the way organizations can track and manage user behavior risk, ultimately eliminating this “risk” from business altogether.
“Just use your best judgment, you know we trust you.”
With those words from a pair of unsuspecting parents, the 1983 Tom Cruise comedy Risky Business kicks off. If you haven’t seen it, the TL;DR is that Cruise’s Joel Goodson is a straight-A, straight-arrow who doesn’t heed his parents’ advice during a week home alone, and things spiral out of control spectacularly, derailing his promising future.
It’s a lesson that applies not only to parenting, but also to cybersecurity: even the reliably trustworthy are prone to poor judgment and can make bad decisions that put everyone – especially themselves – at risk. So how do we manage behavior risks for users when IT can’t always be around to keep an eye on things? Well, I’m glad you asked.
Just this month, Idaptive hosted a webinar that we also called Risky Business that featured Forrester VP, principal analyst, Andras Cser, and our own Chief Product Officer, Archit Lohokare. The pair talked about everything from managing user risk behavior to Zero Trust maturity, and you can check out the full discussion here.
If you’re unable to absorb it all right away, here are some of the key takeaways from the conversation:
1) Passwords alone are not secure and drain your budget
When a security breach occurs, more often than not compromised credentials (aka lost or stolen passwords) are at fault. Of course, poor security hygiene, like using the same password across apps (65% of users do this we learned in the webinar) and sharing logins with coworkers (32% of users), are part of the problem. But we also learned that with clustered computers and the exponential growth in computing capacity, passwords alone are inadequate for business users and systems today.
In addition, they can be a huge burn in IT’s spend and time. We also learned that 20% of all IT help desk calls are password-related – costing businesses on average $31 to resolve each issue. Think about all the users in an organization and how it adds up.[1]
2) Eliminating friction and the user experience is king
Users crave a frictionless experience that seamlessly grants access to the apps and services needed to do the job. It’s simple: the more time employees spend recalling or resetting passwords, the less time spent on profit-generating activities. Make them jump through too many hoops, and users rebel and figure out workarounds outside the scope of IT.
We learned in the webinar that customers and partners, too, want seamless access to their accounts – or they will take their business elsewhere. More than half of U.S. online retailers “unequivocally believe” that a better user experience will improve conversion rates and revenue at checkout.
3) The future includes user behavior context
The key to improving both access and security today and tomorrow is context. Machine learning can assess and understand human behavior to make intelligent access decisions in real-time. Whether the user attempts a login from a recognized device, during normal work hours, and at their usual location or not – smart technologies can decide whether to allow that user to pass through or to add further security steps until the person can prove they are who they say they are.
4) Zero Trust Access is the answer to eliminating user behavior risk
Managing behavior risks and poor judgment may prove difficult when you’re a parent, but a clear answer exists for cybersecurity professionals. That answer is Zero Trust Access. Using the right technology to enable an AI-powered model for identity and access, organizations can both track and manage user behavior risk in order to mitigate it in real-time, and ultimately eliminate it altogether.
Idaptive’s platform does this, learning from and adapting to millions of risk factors and logins, evolving from the need for manual, policy-driven identity and access. This automation – made possible through machine learning – brings us one step closer to Zero Trust access and the promise of security nirvana.
So, if AI-powered access control is the next step in the Zero Trust evolution, where are we in the journey towards this vision? To find that out, watch the on-demand webinar to learn more about the Zero Trust maturity model and how Idaptive can help complete the path.
[1] All stats cited here are from the report, Five Best Practices to Alleviate Employee Password Burdens While Reducing Security Risks, Forrester Research, Inc., September 18, 2015
Corey Williams
Corey Williams is the Vice President of Marketing & Strategy and lead evangelist for Idaptive, leading all marketing functions, as well as market development and strategy. Corey served as the Senior Director of Products and Marketing for more than a decade at Centrify where he was the visionary behind, and the first product manager of, the set of products that were ultimately spun out of Centrify to become Idaptive, including leading SaaS services for Single Sign-on (SSO), Adaptive Multi-factor Authentication (MFA), endpoint and mobile context, and User Behavior and Risk Analytics (UBA).
While at Centrify, Corey defined and brought to market seven net-new product offerings directly contributing to the growth of the existing customer base from less than 400 customers to over 5000 customers. He also led efforts with major industry analysts that directly resulted in Centrify being named as a leader in all of the major analyst reports including the Gartner Magic Quadrant and Critical Capabilities reports for Access Management, Worldwide; Forrester IDaaS Wave; KuppingerCole Cloud MFA Leadership Compass; and Network World Clear Choice Winner for Single Sign-on Solutions.
Corey is a frequent speaker and commentator on IT Security and IT Management. He has authored several publications, including “Zero Trust Security for Dummies”, a leading guide for enterprise managers.
Prior to Centrify, Corey led products and marketing for SpikeSource (acquired by Black Duck Software), Syndera (acquired by Tibco), and Journee Software (acquired by Initiate Systems). Earlier in his career, he managed pre- and post-sales consulting for Active Software (acquired by webMethods).
Corey holds degrees in Mathematics (BS) and Computer Science (BS) from New Mexico State University, as well as an MS in Engineering and an MBA from San Jose State University.
CHAMELEON-LIKE SUPERPOWER
If Corey could have any chameleon-like superpower, it would be the chameleon's tongue, which is ridiculously fast. Some of the world's smallest chameleons have the world's fastest tongues. In automotive terms, the tongue could go from 0 to 60 miles per hour in a hundredth of a second! “I would be able to complete webinars in 4.5 seconds instead of 45 minutes!”