Reputation is built on trust – yet the paradox in the age of access is that the only way we can build trust is to eschew it.
That age-old tool of identification–the password–no longer provides any level of security and, in fact, depending upon a password for protection is probably the worst mistake one can make.
Likewise, relying on technology alone, such as firewalls, malware detectors and anti-virus programs, can create a false sense of security that often causes more problems than it solves.
LESSONS FROM AUSTRALIA
If you doubt that assumption, look at the volume of business disruption that occurs every time a data breach is reported - an occurrence is happening with disturbing regularity since Australia began enforcing its national Notifiable Data Breach law in February this year.
The Office of the Australian Information Commissioner (OAIC), in its first quarterly report after the law’s commencement, received 63 data breach reports in the first quarter - which covered just six weeks of mandatory notification.
Since then, Australia has seen widespread coverage of the malware infection at personnel services provider PageUp that may have compromised client data. PageUp, which claimed two million active users across 190 countries, includes major enterprise and government clients such as Telstra, NAB, Coles, Australia Post, Aldi and Medibank. Many clients have suspended using the service until this matter is resolved.
CONSEQUENCES OF AN IDENTITY BREACH
A data breach costs companies on many levels:
- Financially, through lost share value
- Turnover, through lost business
- Reputation, through damaged trust.
Data breaches most frequently occur when access details are compromised: Verizon’s 2017 Data Breach Investigation Report reported that four out of five (81 percent) hacking-related breaches leveraged either stolen and/or weak passwords.
In those cases, trust is broken through the data breach because organizations could not secure the identity of people with access to their information systems.
MANDATING ZERO TRUST
For Centrify and its customers, the key to building trust in an organization is mandating Zero Trust.
What this means is managing security based on the assumption that users inside a network are no more trustworthy than those outside the network.
Today, the core to protecting your reputation as an organization is to secure identities by verifying every user, validating their devices, and limiting access and privilege - that is Zero Trust Security.
If security is the wall that protects your enterprise and its most precious assets, then identity provides the bricks from which that wall is built.
The Centrify Zero Trust Security platform uses a combination of advanced technologies such as Multi Factor Authentication (MFA), Single Sign-On (SSO), Privileged Access Management (PAM) and machine learning to constantly ensure that the only people granted access to a system are those who are authorized to use it.
The beauty of Centrify’s architecture is that is keeps track of who accesses what from where and when without degrading the experience of each person using the system. If an individual seeks access to a corporate system from an unexpected place or at an unusual time, Centrify’s integrated machine learning will “flag” the access and challenge the individual with an additional level of authentication to verify their identity.
Effective security is about integrating people, process and policy into a seamless workflow that minimizes risk and maximizes productivity.
Centrify secures identity in the age of access so you can build customer trust in your reputation.
This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.