Page 192 - Cyber Defense eMagazine December 2023
Identity management is imperative for a robust zero-trust architecture
CISA's updated strategy is primarily intended to align with Biden’s National Cybersecurity Strategy, which
mandated the implementation of Zero Trust for all government organizations by 2024. Zero Trust has
emerged as an industry standard for combatting modern security challenges as it enforces two-factor
authentication as a baseline, thereby reducing the chances of unauthorized access. And yet, even
two-factor authentication can be manipulated, which brings us back to the importance of robust identity
management.
Identity data informs Zero Trust protocols at every stage. It allows for dynamic authorization, where rights
and privileges are not granted en masse but are provided on a need-to-access basis. Think of it as moving
from a cash-based system to a card-based system in your security strategy. You no longer carry "bags
of money" (or unfettered access); instead, you operate with a "credit card" (or just-in-time rights),
constrained by spending limits or operational permissions.
Therefore, understanding the true nature of identity data—including the identity of users, services,
applications and devices—is paramount for setting up a Zero Trust architecture.
How to achieve greater visibility over all identity data points
Firstly, organizations need to develop a clear understanding of what identity data is. One major issue that
tends to be overlooked in cybersecurity discussions, even by esteemed organizations like CISA, is the
nuanced role of identity that extends beyond human users. When we say "identity," it's not just about
‘John Doe’ accessing his workstation. It's also about a specific microservice querying a database or an
IoT device reporting metrics. Essentially, every subject moving through the digital environment to access
resources must be managed, authenticated and authorized.
To implement a genuinely robust security posture, the quality of the identity data is also paramount. It's
no longer enough to base access control on static, rarely updated information. A dynamic and real-time
approach is required, utilizing the most current data to inform every access decision.
The repercussions of poor-quality identity data can be devastating for a business's security infrastructure.
A telling example is the role of privileged accounts in security breaches; a 2021 survey revealed that 74%
of organizations that fell victim to cyberattacks claimed that their privileged accounts were involved.
These accounts often provide access to the most sensitive and confidential resources, making their
protection imperative.
Imagine that due to a vulnerability in your system, an employee's title is changed to CFO. This change
could give them access to highly sensitive payroll and financial information, thereby posing a significant
security risk. The same logic applies to applications, devices and services. Therefore, the integrity of
identity data becomes the bedrock upon which all your network security policies should be built.
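The title-change scenario above, as an added example that is not part of the original article: a per-request access decision that trusts an identity attribute only if the record is fresh and carries a valid signature from the authoritative identity source. The key, freshness window, policy table, subjects and function names are all assumptions made for illustration.

```python
import hashlib, hmac, json

# Assumptions for this sketch: the authoritative identity source signs every
# record with a key the policy engine trusts, and records expire quickly.
SOURCE_KEY = b"constructed-demo-key"  # constructed value, not a real secret
MAX_AGE_SECONDS = 300                 # assumed freshness window

# Hypothetical policy: the attribute value a subject needs for each resource.
POLICY = {
    "payroll-db": ("title", {"CFO"}),
    "metrics-api": ("workload", {"telemetry-agent"}),
}

def canonical(record):
    """Serialize every field except the signature in a stable order."""
    body = {k: v for k, v in record.items() if k != "sig"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def sign_record(record, key=SOURCE_KEY):
    """What the authoritative source does when it issues or updates a record."""
    sig = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return dict(record, sig=sig)

def decide(record, resource, now):
    """Evaluate one access request; nothing is granted ahead of time."""
    expected = hmac.new(SOURCE_KEY, canonical(record), hashlib.sha256).hexdigest()
    presented = str(record.get("sig", ""))
    if not hmac.compare_digest(expected.encode(), presented.encode()):
        return False, "integrity check failed"
    if now - record.get("issued_at", 0) > MAX_AGE_SECONDS:
        return False, "identity data is stale"
    attr, allowed = POLICY.get(resource, (None, set()))
    if record.get(attr) not in allowed:
        return False, "attribute does not grant access"
    return True, "granted for this request"

if __name__ == "__main__":
    now = 1_700_000_000  # constructed timestamp
    clerk = sign_record({"subject": "user:john.doe", "title": "Clerk", "issued_at": now - 60})
    tampered = dict(clerk, title="CFO")  # title changed outside the source
    agent = sign_record({"subject": "svc:iot-42", "workload": "telemetry-agent", "issued_at": now - 60})
    for rec, res in [(clerk, "payroll-db"), (tampered, "payroll-db"), (agent, "metrics-api")]:
        print(rec["subject"], res, decide(rec, res, now))
```

The same decision path handles the human user and the device identity, and the record whose title was altered without a new signature is refused before the policy is even consulted.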
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.