Page 13 - Cyber Warnings







Compromised employee credentials as a factor in breaches have indeed become a big cause of
concern for organizations. Forty percent of companies in a 2015 survey say they expect a data
breach resulting from employee behavior in the next 12 months.


In December 2016, Gemalto, an international digital security company that is the world’s largest
manufacturer of SIM cards, released an Authentication and Identity Management Index based
on a survey of 1150 IT managers from 13 countries around the world, including the US, UK,
France, Germany, Japan and India.

Results of the survey showed that employee expectations around usability and mobility are
affecting how enterprise companies deploy authentication and access management.


Almost 50% of the IT managers surveyed noted that they are increasing resources and
spending on access management. The time to implement has sped up as well: 62% expect
to implement strong authentication in two years' time, an uptick from 51% of respondents who
said the same thing in the previous year’s survey.


Of the survey respondents, 94% reported they are using two-factor authentication to protect at
least one application and nearly all of the respondents (96%) expect to use it at some point in
the future.

Biometrics is a great form of secondary authentication. The problem occurs when an employee
leaves the company. For biometrics, or any authentication method, there are different
repositories in which an end user's credentials might be left active.

The majority of companies still do not have any method of detecting, enforcing or cancelling a
user’s biometric authentication. Today most companies still disable accounts manually. This is
not only an inefficient use of time but also leaves a business vulnerable to major security risks.

It can take weeks for a user to be removed, and during that time they can still access confidential
information. To avoid errors that could result from a manual offboarding procedure, I suggest
automating the process.


In my case, when I left a big tech company, my email access and badge access stopped that
same day, but my VPN access to internal servers was still enabled. My user credential was still
able to access internal resources.

It took the company two weeks to completely shut me out. Companies need to deploy a solution
that automates the process of onboarding and offboarding users quickly and efficiently and that
can integrate with all internal resources like AD, LDAP or other identity stores.

User accounts and credentials need to be disabled all at the same time. This will minimize
security breaches from ex-employees and from lost or stolen credentials.
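
An automated offboarding process also needs a check that it worked in every store. The following is an added example, not code from the article or from any product: it reconciles an HR termination list against account snapshots from several identity stores and reports accounts that are still enabled. The store names, snapshot format, sample users and the assumption that one login name maps across all stores are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample data (not from the article): HR termination dates and
# per-store account snapshots, each store using its own identifier format.
TERMINATED = {
    "jdoe": datetime(2017, 6, 1, tzinfo=timezone.utc),
    "asmith": datetime(2017, 6, 10, tzinfo=timezone.utc),
}
STORES = {
    "ad": [{"id": "CORP\\JDoe", "enabled": False},
           {"id": "CORP\\asmith", "enabled": False}],
    "ldap": [{"id": "uid=jdoe,ou=people,dc=example,dc=com", "enabled": False}],
    "vpn": [{"id": "jdoe@example.com", "enabled": True},
            {"id": "asmith@example.com", "enabled": False}],
    "badge": [{"id": "JDOE", "enabled": False},
              {"id": "asmith", "enabled": True}],
}


def canonical(identifier):
    # Reduce DOMAIN\user, user@domain and uid=user,... forms to one lowercase
    # login name. Assumes the login name is the same in every store.
    ident = identifier.strip().lower()
    if ident.startswith("uid="):
        ident = ident[4:].split(",", 1)[0]
    ident = ident.rsplit("\\", 1)[-1]
    return ident.split("@", 1)[0]


def find_orphans(terminated, stores, now):
    # Return sorted (user, store, days_exposed) for each account that is still
    # enabled in any store on or after the user's termination date.
    findings = []
    for store, accounts in stores.items():
        for acct in accounts:
            user = canonical(acct["id"])
            left = terminated.get(user)
            if left is not None and acct["enabled"] and now >= left:
                findings.append((user, store, (now - left).days))
    return sorted(findings)


if __name__ == "__main__":
    as_of = datetime(2017, 6, 15, tzinfo=timezone.utc)
    for user, store, days in find_orphans(TERMINATED, STORES, as_of):
        print(f"{user}: still enabled in {store}, {days} day(s) after termination")
```

Run on a schedule against real exports, a non-empty result is the signal that an offboarding step was missed in one store while others were already disabled.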





13 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
