sb-au logo
Story image

Security experts underscore identity assurance in post-lockdown era

12 Jun 2020

As many parts of the world emerge from lockdown and breathe life into their offices again, one of the most fatal flaws would be thinking that it is back to business as usual.

In the post-lockdown era, organisations need to focus on a new normal, rather than the way things used to be. This point is particularly relevant for every organisation’s cybersecurity strategy.

As many employees worked remotely, phishing attacks and scams readily switched gears to take advantage of improperly secured home networks and devices. What’s more, corporate networks were shut down for weeks.

For example, last month the Australian Cyber Security Centre published reports of threat actors who deliberately targeted health sector organisations and medical research institutions to create even more chaos during the COVID-19 crisis. These threat actors compromised email servers and then used these to send COVID-related phishing emails – the perfect medium for distributing malware and other nasty attacks.

Healthcare organisations were not the only businesses at risk – transport giant Toll Group fell victim to a ransomware attack that may have given the attackers access to sensitive business information.

Australia is now subject to mandatory breach reporting procedures and New Zealand is not too far behind.

Now is the time to inspect security measures to properly secure access and identities that fit each organisation’s individual needs.

Cybersecurity firm RSA states that organisations should rebuild, re-prioritise and re-assess their current security programs, with the ultimate goal of enhancing threat response. 

“Identity continues to be the most consequential attack vectors for enterprises, but it is also an opportunity to improve productivity by creating a frictionless user experience with strengthened identity assurance to protect critical data and assets,” states RSA’s Craig Dore.

RSA tightly couples the concept of identity assurance in line with a user or application privilege. The higher the privilege, the higher ‘assurance’ is required. The highest forms of assurance come in a variety of flavours such as hardware devices including FIDO tokens. RSA has an influential role in supporting and driving the FIDO standard for authentication.

In addition to supporting the FIDO standard for authentication, RSA SecurID Suite strikes a balance between real-time risk detection and higher levels of identity assurance – where they make sense. FIDO has a range of legitimate security benefits, including providing a means to combat (and eliminate) phishing and allowing organisations to take a step toward a ‘passwordless future’.

Not only should identity assurance be applied to the current ‘work from home climate’ to protect user access, but RSA also provides a technology-agnostic approach to securing the entire environment from “ground to cloud”. This is why it’s not enough to simply “tick a box” to solve today’s challenge – any investment in identity assurance should be ready to solve tomorrow's problems as well.

As your organisation returns to full power, consider your digital transformation aspirations particularly in alignment with identity, use of passwords, remote access and SaaS protection.

To request a free trial of RSA’s multi-factor authentication (MFA) solutions, click here.

To find out more about YubiKey for RSA’s SecurID Access, click here.

Story image
NetMotion announces SASE platform leveraging Microsoft Azure
The platform offers integrated transport and web proxies, distributed firewalls, network access control (NAC), zero trust network access (ZTNA) or software-defined perimeters (SDP), a VPN highly optimised for mobile access, and AI-driven policy and risk analysis.More
Story image
DigiCert revamps PKI management capabilities for remote work
The revamp provides new ways of delivering certificate automation that can authenticate employees and devices, and encrypt data over networks.More
Story image
Ivanti looks to a brighter future with MobileIron and Pulse Secure acquisitions
Ivanti has acquired MobileIron and Pulse Secure, with the intention of delivering intelligent and secure experiences across all devices in the ‘everywhere enterprise’. More
Story image
Businesses can save on the hefty cost of a security breach if they're honest
SMBs and enterprises that disclose breaches proactively tend to experience 40% less financial damage, according to new research from Kaspersky. More
Story image
Commvault expands features for Disaster Recovery solution
The solution, which offers disaster recovery automation through a single extensible platform, will now support orchestration to and from on-premises, Azure and AWS.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More