Companies Must Place Greater Emphasis on Authenticating Digital Identities
How has the Zero Trust Network Architecture evolved since it was first coined in 2010?
As regional organizations try to manage the ever-changing threat landscape and secure a growing attack surface, the Zero Trust framework is becoming increasingly popular. As the name suggests, Zero Trust demands authentication at every connection to an organization's network to create an impenetrable barrier around the organization.
The Zero Trust approach has developed over time from a Fort Knox-style approach which adds friction and can hinder employee experience and productivity, to one that employs intelligent passive indicators based on behavioral analytics.
The former necessitates authentication of every touchpoint connecting to an organization's network. This strategy causes unnecessary friction, reducing staff productivity and putting security resources under strain. However, a new approach to security known as Zero Trust 2.0 enables organizations to maintain the same "Fort Knox" degree of security while also ensuring employee convenience and productivity.
The answer lies in passive behavioral indicators; for example, the pressure a person exerts when typing or the way they swipe a device is unique and inherent to each individual. This unique behavioral data, when combined with data from a user's device and location, aids in positively identifying users, instead of just looking for fraudulent users, which can result in lots of false positives and increase friction.
Zero Trust 2.0 layers passive behavioral indicators over the knowledge-based passwords and location or device-based indicators used in the traditional Zero Trust strategy, allowing organizations to enhance their authentication process without adding friction.
Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?
In a nutshell, yes. With the work-from-anywhere culture gaining traction in the region, and multi-cloud strategies broadening the attack surface, it is critical for organizations to consider technologies that protect their infrastructure from any device, from any location in real time, but at the same time maintain convenient access and maintain productivity.
To do this successfully, companies must shift from an end-point-focused to a people-focused approach to security. The traditional Zero Trust strategy is centered on authenticating each touch point with an organization's network usually from one or the same location on the same device. This approach forces employees to constantly validate their identities at each point of entry but doesn’t necessarily identify if someone is gaining unauthorized access using stolen credentials, and only looks at a set number of interactions.
Organizations that employ Zero Trust 2.0 can better combat fraudulent activities by using unique employee behavioral profiles. Intelligent passive authenticators rely on behavioral analytics, which is data created by one's digital transactions or online activity. This includes an employee's network interactions from their workplace laptop, smartphone, or tablet.
Because these indicators are passive, such as the way a PIN or passcode is typed, or the way a phone is swiped, they don’t add friction, and can be deployed throughout the digital journey rather than at moments in time. This means organizations are protecting every interaction, and not just known entry points. This approach serves to identify that the user is who they say they are through unique inherence factors, whereas usernames and passwords alone don’t actually identify the genuine user, so a fraudulent entry could look like a genuine user.
Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What, according to you, can be done to address this?
As organisations scale up their cybersecurity measures, cybercriminals respond by demonstrating greater sophistication through their malicious campaigns. To ensure the integrity of their assets, organizations must place greater emphasis on authenticating digital identities in an intelligent manner.
The individual user and their behavior are the foundation of this identity. As an example, bad actors can often leverage sophisticated AI-based software to impersonate employees based on physical characteristics, such as facial recognition, or even circumvent it altogether by claiming it’s not working and inputting the step-up method of a pin or password instead. However, with Zero Trust 2.0's intelligent passive authenticators, an organization's employees can simply use their own personal behaviors to identify themselves to their organisations. An individual’s behaviors are based on unique muscle memory and are hard for a fraudster to imitate.