Today’s rapidly changing business, emerging of cloud or hybrid environments, has rendered useless the cyber security approaches of yesterday. One of these is known as perimeter defense. Data is a monetized business asset and it needs to be always available regardless of time, location or devices. And not only for company or organization internal users, but for partners and customers as well. Not to even mention IoT, software robots and API’s.
But does it mean that cyber security corner stones of confidentiality and integrity are forgotten? Not at all. Security breaches are not only targeted for data theft but for data tampering too. Therefore, it is justified to say that data integrity is as important as data confidentiality, and the importance of both is now crucial. The approach has to change as old rules don’t apply to the new playground.
Having control on your environment has evolved from controlling the perimeter borders to controlling every event occurring in the perimeter-less environment. Or should we say, every object in an environment is a micro-segmented, centrally managed perimeter of its own. That’s where the importance of identity and access management (IAM) comes into picture. Identity is, and should be, linked to every event. The concept of access management has evolved from statically assigned access rights to “verify everything”-approach. This means that all events, with the identity linked to them, are constantly verified for legitimate access and monitored using automated risk assessments and user behavior analysis tools.
Visibility is knowing what is actually happening in your environment. Without visibility, integrity and confidentiality may be compromised. The questions many organizations struggle to answer are:
Being able to answer these questions is a good start for building visibility and ensuring integrity.
Data integrity and non-repudiation can go hand in hand as non-repudiation can also prove integrity of data. Also, it will give visibility and audit trail if or when a security breach occurs. Combining visibility with control it is possible to greatly mitigate the risks of security breaches while not compromising operational efficiency.
What building blocks should we be looking for when implementing visibility and control?
To pick one, the current hot topic in IAM domain, Privileged Access Management (PAM) is an important piece of the puzzle. PAM is targeted for privileged identities and privileged access, where the most risk regarding security breaches often lies. Having a PAM solution, instead of traditional, diverse methods of privileged access for human users, software robots, IoT and API’s, is a defining factor of a modern cyber security approach. Centralized control of privileged access events, visibility of what is actually happening, and non-repudiation all come in one package. A package in a digitalized form, always available regardless of time, location or devices. But only if you wish so. You can also actually control time, location and devices. Or you can just sit back and monitor what is actually happening in your environment and let the user behavior analytics alert when something is rising in the risk meters.
We at Loihde Trust Spellpoint are happy to help you with any questions of IAM and PAM in a cloud-era world!
Read also Petteri’s thoughts on PAM.
Senior IAM Architect