5 Tenets of a Robust Security Infrastructure

Mike Dessert, April 23, 2020

The global number of cyber-attacks reached an all-time high last year and shows no indication of slowing down. In fact, cyber-attacks and data fraud are two of the top 10 global risks for this upcoming decade according to the World Economic Forum (WEF) Global Risk Report.

The National Counterintelligence and Security Center (NCSC) recently asserted that “sound counterintelligence and security procedures must become part of everyday American business practices.” In an attempt to educate organizations on this growing issue, the WEF Centre for Cybersecurity created the “Cybersecurity Guide for Leaders in Today’s Digital World”, a guide that covers 10 tenets of cybersecurity, including facets like employing zero-trust infrastructure and supporting a culture of security.

In this post, I will highlight a few of these tenets and how Okta can help organizations execute on them and get the most out of their security programs.

Protect Access to Mission-Critical Assets

The first tenet I’d like to touch on is the importance of protecting access to mission-critical assets: in other words, granting only the right users the right level of access to the right resources at the right time. When this level of restriction is not met, a malicious hacker who breaches the account of one individual could potentially have free rein to steal data from across the entire organization.

Historically, organizations have kept their data secure through the use of firewalls and similar on-premises technologies. Everything within the network was considered trusted, while everything outside the network was considered untrusted. But considering how mobile employees, contractors, and partners have become an increasingly integral part of the workforce, this on-prem vs off-prem approach simply does not create a strong unified security posture (and does not globally scale either).

Okta’s approach to this need is to empower organizations with identity and access management as a critical foundation for their own “Zero Trust Security” environments. In a Zero Trust model, the organization does not assume that users should be trusted simply based on their network location; instead, all users must be verified before gaining access to corporate data.

The Okta identity cloud helps organizations achieve this by allowing admins to specify exactly which users receive what level of access to what applications at every part of the user lifecycle. Okta’s Risk-Based Authentication functionality takes this level of precaution a step further by analyzing contextual factors like the location, device, and network of each user login attempt, and responding with appropriate secondary authentication requests based on the risk level of the login attempt. The result is vastly improved security for mission-critical resources — regardless of where the user is attempting to log in from.

Build and Practice Strong Cyber Hygiene

According to the WEF Global Risk Report, “Effective and consistent implementation of strong cyber hygiene could have potentially mitigated the majority of the cyberattacks of the last decade.”

Cyber hygiene encapsulates a large swath of practices, but I’d like to emphasize the importance of one area mentioned in this report: Implementing strong organization-wide authentication. Common threats like credential stuffing take advantage of weak authentication (poor password policies, password reuse, missing or weak multi-factor authentication, etc.), and can cause serious organizational harm.

Many organizations address this risk by implementing strong password policies and MFA. This is a good start, but consider that according to Verizon’s Data Breach Investigations Report in 2019, 80% of hacking-related breaches involved compromised and weak credentials — not to mention the headaches that passwords cause for users.

We endorse simplifying the authentication process by eliminating passwords completely; Okta FastPass allows users to register their device to Universal Directory via the Okta Verify App, establishing a unique binding between the device and the user in the Okta Identity Cloud. The result is a completely passwordless login experience that works on any device across browsers, desktop applications, and native mobile applications.

Prevent, Monitor and Respond to Cyber Threats

While preventing cyber threats before they can ever begin is critical, detection and response are just as important. To help automate the process of threat monitoring and response, Okta offers a tool called ThreatInsight: a feature that leverages Okta’s network effects of 8,000+ customers, collecting and analyzing metadata and behavioral signals to reveal risks from suspicious IP addresses that could otherwise go unnoticed. When Okta sees large-scale identity attacks like DDoS, password spraying, high rates of login failure, etc., those IPs are added to the ThreatInsight pool, and customers can choose to block access from those IP addresses. The result is a more proactive approach to keeping bad actors out.

Foster Internal and External Partnerships

The next tenet I’d like to touch on is rooted in helping information security teams to be more responsive and agile to urgent business needs by fostering partnerships with both external organizations and internal employees. For many companies, this involves extending cybersecurity practices and discipline to franchisees, supply chains, joint venture partners, and beyond.

Okta has a strong set of partners and ISVs to provide deep integrations to support IT and security teams. Our partnerships with organizations like CyberArk, VMware, Cisco, and others have a strong track record of boosting security for our customers, providing cloud and on-premises “Defense in Depth.” But external partners are just the beginning.

The proliferation of cloud apps has turned every organization into a technology organization and has, likewise, made security the responsibility of every employee. More than ever, it’s crucial that organizations foster cultures of cybersecurity. We strongly endorse finding internal advocates for security initiatives, such as when implementing security frameworks like NIST. But we also empower our customers to take the value of employees even further through our UserInsight tool.

This tool alerts end users to suspicious activity within their account, including logins from new devices and the enrollment or resetting of authentication factors. After being notified, end users have the ability to report the activity to their admins, kicking off automated incident response workflows. The result is that would-be targets become first responders in identifying and addressing attacks against our customers’ user bases.

Protect Your Email Domain Against Phishing

Phishing is one of the most common cyber threats that organizations face today. Globally, 88% of businesses experienced targeted phishing attacks in 2019 and 55% were impacted by a successful breach. Recently, hackers have even begun to use machine learning in designing their phishing attempts, crafting personalized and enticing messages that, at first glance, are indiscernible from the sender’s regular communications.

While training employees and implementing simple email filters can help to prevent these attacks, hackers have seen these preventative measures for years. At Okta, we encourage organizations to take some additional steps, such as by implementing Single Sign-On and Adaptive MFA, eliminating blind spots by automating lifecycle management, and by empowering users to alert IT of suspicious activity via UserInsight.

Okta has partnered with several companies in our extensive Okta Integration Network (OIN) to apply adaptive security policies across all users and deploy remediation processes in the case of a successful phishing attack.

Learn more

For more information on how Okta can support your organization in tackling today’s cybersecurity challenges, check out the resources below: