Mitigating Remote Risk in Identity Management: The Capabilities You Need

Mitigating Remote Risk in Identity Management: The Capabilities You Need

What capabilities can help your enterprise limit and mitigate remote risk in your identity management

The coronavirus forces businesses of all sizes to embrace work-from-home like never before; until we can effectively and legitimately contain the virus, this represents the safest way to limit infections. Additionally, work-from-home policies (if implemented properly) can actually boost productivity and worker engagement. However, work-from-home policies and infrastructures generate remote risk, especially for companies’ identity management solutions. 

What remote risks do enterprises face in the wake of the coronavirus? What identity management capabilities can help your organization mitigate these threats? We explore both below. 

Remote Risk In Business Identity Management

User and Entity Behavior Analytics (UEBA)

Hypothetically, in an on-premises environment, if you become concerned about a user’s activities you could just go to them and ask. Obviously, this scenario makes anything but sense nowadays. If a user inputs the right credentials, how can you ensure that the user is legitimate? What if a hacker stole their credentials? Alternatively, what if the user becomes an insider threat? How could your IT security team tell? 

UEBA establishes a baseline of acceptable behavior for each user and each device connecting to the network. Therefore, it can judge all subsequent behaviors against that baseline. If the user begins to act in an abnormal way, UEBA can alert your security team to a potential threat. More advanced identity management tools can even suspend activities or accounts that go outside the pale in behavior. 

In a world that may become increasingly dominated by remote risks in identity management via remote work, this is essential. 

Multifactor Authentication (MFA)

Even while working from home, users still have access to sensitive information. This might include proprietary data, as well as personally identifying information for employees and customers. At the least, they can access company emails, which could contain any amount of sensitive information. 

Moreover, employees can access essential applications, either on the cloud or on their endpoints, which contains more databases. 

When you look at passwords as an authentication factor, you swiftly realize it can’t protect any of this. 

Hackers have passwords figured out. They could exploit users’ social media feeds to determine passwords or security question answers. Otherwise, they could purchase a simple password cracking tool from the Deep Web or implement a phishing attack to gain credentials. Even worse, hackers could simply go to a hacker forum and use previously breached passwords; the chances of a user reusing their password are disappointingly high. 

Instead of allowing this, your business needs to embrace multifactor authentication to mitigate the remote risk in your identity management. Each factor you add to the access request process better protects your enterprise from external threats. The more you can deploy, the more you can help mitigate potential breaches.

Fortunately, many authentication factors can operate passively; these include geofencing and time of access request monitoring. In fact, since you should know exactly where your employees are during the stay-in-place orders, you can easily deploy geofencing. 

Single Sign-On

A good way to help mitigate remote risk in your identity management is to reduce the number of logins required of your users. Single sign-on securely authenticates users across all of your organizations’ cloud applications with a single login. 

Unlikely Remote Risk in Identity Management (Right Now)   

In other circumstances, we would write about the remote risk of personal devices accessing sensitive information and the corporate network/IT infrastructure. 

For example, you need certain protections in case your employee loses their laptop, whether by accident or theft. However, given that the coronavirus stay-in-place orders look to extend through April and beyond, this seems like an unlikely scenario in either case.

You can learn more in our Identity Management Buyer’s Guide

   

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner