Page 192 - Cyber Defense eMagazine December 2023

Identity management is imperative for a robust zero-trust architecture

            CISA's updated strategy is primarily intended to align with Biden’s National Cybersecurity Strategy, which
            mandated the implementation of Zero Trust for all government organizations by 2024. Zero Trust has
            emerged as an industry standard for combatting modern security challenges as it enforces two-factor
            authentication as a baseline, thereby reducing the chances of unauthorized access. And yet, even
            two-factor authentication can be manipulated, which brings us back to the importance of robust identity
            management.


            Identity data informs Zero Trust protocols at every stage. It allows for dynamic authorization, where rights
            and privileges are not granted en masse but are provided on a need-to-access basis. Think of it as moving
            from a cash-based system to a card-based system in your security strategy. You no longer carry "bags
            of money" (or unfettered access); instead, you operate with a "credit card" (or rights just-in-time),
            constrained by spending limits or operational permissions.

            Therefore, understanding the true nature of identity data—including the identity of users, services,
            applications and devices—is paramount for setting up a Zero Trust architecture.



            How to achieve greater visibility over all identity data points

            Firstly, organizations need to develop a clear understanding of what identity data is. One major issue that
            tends to be overlooked in cybersecurity discussions, even by esteemed organizations like CISA, is the
            nuanced role of identity that extends beyond human users. When we say "identity," it's not just about
            ‘John Doe’ accessing his workstation. It's also about a specific microservice querying a database or an
            IoT device reporting metrics. Essentially, every subject moving through the digital environment to access
            resources must be managed, authenticated and authorized.

            To implement a genuinely robust security posture, the quality of the identity data is also paramount. It's
            no longer enough to base access control on static, rarely updated information. A dynamic and real-time
            approach is required, utilizing the most current data to inform every access decision.

            The repercussions of poor-quality identity data can be devastating for a business's security infrastructure.
            A telling example is the role of privileged accounts in security breaches; a 2021 survey revealed that 74%
            of organizations that fell victim to cyberattacks claimed that their privileged accounts were involved.
            These accounts often provide access to the most sensitive and confidential resources, making their
            protection imperative.

            Imagine that due to a vulnerability in your system, an employee's title is changed to CFO. This change
            could give them access to highly sensitive payroll and financial information, thereby posing a significant
            security risk. The same logic applies to applications, devices and services. Therefore, the integrity of
            identity data becomes the bedrock upon which all your network security policies should be built.
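
The CFO scenario above, as an added example that is not part of the original article: a per-request access decision that trusts identity attributes only when they carry a valid signature from the authoritative source and fall inside a freshness window, for user and device subjects alike. The key, policy table, subject names and five-minute window are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time

# Constructed demo key; assumes the authoritative source (e.g. an HR system) signs records.
SOURCE_KEY = b"constructed-demo-key"
MAX_AGE_SECONDS = 300  # assumed freshness window for identity data

# Hypothetical policy: resource -> attribute values a subject must present.
POLICY = {
    "payroll-db": {"kind": "user", "title": "CFO"},
    "metrics-api": {"kind": "device", "role": "sensor"},
}


def _canonical(attrs, issued_at):
    return json.dumps({"attrs": attrs, "issued_at": issued_at}, sort_keys=True).encode()


def sign_record(attrs, issued_at):
    """Run by the authoritative identity source when attributes are issued or changed."""
    tag = hmac.new(SOURCE_KEY, _canonical(attrs, issued_at), hashlib.sha256).hexdigest()
    return {"attrs": attrs, "issued_at": issued_at, "tag": tag}


def decide(record, resource, now=None):
    """Per-request decision: verify integrity and freshness, then match policy."""
    now = time.time() if now is None else now
    expected = hmac.new(SOURCE_KEY, _canonical(record["attrs"], record["issued_at"]),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, record["tag"]):
        return "deny: identity record failed integrity check"
    if not 0 <= now - record["issued_at"] <= MAX_AGE_SECONDS:
        return "deny: identity data outside freshness window"
    required = POLICY.get(resource)
    if required is None or any(record["attrs"].get(k) != v for k, v in required.items()):
        return "deny: policy not satisfied"
    return "allow"


def demo():
    now = 1_700_000_000  # constructed timestamp
    analyst = sign_record({"kind": "user", "name": "jdoe", "title": "Analyst"}, now)
    tampered = dict(analyst, attrs=dict(analyst["attrs"], title="CFO"))  # edited outside the source
    sensor = sign_record({"kind": "device", "name": "sensor-7", "role": "sensor"}, now)
    return [decide(analyst, "payroll-db", now), decide(tampered, "payroll-db", now),
            decide(sensor, "metrics-api", now), decide(sensor, "metrics-api", now + 3600)]
```

The title edited outside the authoritative source fails the integrity check before policy is ever consulted, and the device's otherwise valid record is refused once it is an hour old.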








            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.