Secure cloud migration with privileged access management
Article by ThycoticCentrify chief security scientist & advisory CISO Joseph Carson.
The phrase ‘new normal’ has a lot of different meanings, since everyone’s experience is different. However, in a business context, one experience is common to almost all organisations – the adoption of remote working.
A new global survey commissioned by ThycoticCentrify shows that around half, or 49%, have moved to a mainly home-based location during the pandemic. The percentage has been even higher in India (74%) and Singapore and Malaysia (71%).
With many organisations pursuing rapid transitions to maintain business continuity, it is now time to discover the security threats and ensure a cloud-based operating model can be as successful as possible.
The cloud – a new security challenge?
The cloud has created immense opportunity, but equally, it has presented new security risks. As organisations have gone remote, their digital footprints have expanded as an ever-greater number of devices and applications were incorporated into their ecosystems. Unfortunately, this has caught the attention of cyber-criminals who are actively taking advantage of this.
Tackling cyber-crime is a challenge of cloud migration, yet it is not the only one – insider risks are also a potential menace. Without proper security protocols, staff may also be able to take advantage of their access to sensitive data. At the same time, former employees may retain access to confidential information long after they have left.
In this context, ThycoticCentrify’s survey makes for concerning reading. It found that around four out of five respondents have engaged in at least one activity that could put their organisation’s digital security at risk over the past year. This included:
- 35% who saved passwords in their browser (Australia/NZ 43%, Singapore/Malaysia 36%, India 39%, Japan 28%)
- 32% who used one password to access multiple sites (Australia/NZ 42%, Singapore/Malaysia 37%, India 33%, Japan 24%).
Privileged Access Management (PAM) – enforcing the principle of least privilege
Given the multi-faceted threat landscape, security considerations must be a priority for cloud migration. Developing a flexible security posture has never been more important. More than ever before, companies have a responsibility to protect sensitive information, ensure compliance and prevent unauthorised access to systems.
Privileged access management is a way in which this can be achieved. PAM securely manages users’ privileged access, adding additional security controls and enforcing the principle of least privilege. In doing so, an organisation’s attack surface is significantly reduced, mitigating the damage from external attacks or insider threats.
Privileged users – those that can access valuable or sensitive information – are high-value targets for cyber-criminals. Securing user privileges where possible will improve overall security and limit lateral movement and breach potential should one occur.
By forcing cyber-criminals to take more risks, they will create more noise on the network giving the defenders an improved chance at detecting the attackers.
Even phishing attacks, which are now almost inevitable given their increasing sophistication, can be mitigated by achieving holistic visibility over who has access to data, applications and systems.
A digital polygraph test for digital access
So, how can PAM be used to transform enterprise visibility, in a multi-hybrid cloud world where cloud-based operating models coexist with on-premises environments?
Primarily, PAM requires continuous authentication and authorisation, moving security to a level of sophistication far beyond the traditional password. It helps move passwords into the background and enable continuous verification, which is the core of a zero trust strategy.
PAM is like a digital polygraph test for access to an organisation’s resources. Instead of providing all users with an insecure way of accessing a company’s digital assets, least privilege means employees are only permitted to access the data they need to complete their specific function.
Not only does this bolster security, but it addresses a key pain point for many CISOs – transparency and auditability. PAM tracks the access of individuals holistically, allowing specific instances to be flagged if anything seems suspicious. In this way, visibility in both on-premises and cloud environments is transformed. It creates an audit trail, allowing breaches to be spotted earlier and traced back to specific points of access.
PAM can offer insight into risks that may be adjusted depending on the threat landscape. In particular, the ability to manage access with continuous authentication is key.
PAM is an essential solution for organisations migrating to cloud environments in creating an adaptive risk-based model that allows a security team to manage the security fence as required. Identity is the new perimeter, and PAM is the perimeter security for access. And like remote working, managing privileged access is now part of the new normal.