Defend against Cloud-Based Data Theft with Identity Access Management (IAM)
October 18, 2018
Contributed by Lewie Dunsworth, CISSP, CISO, & SVP of Herjavec Group
Phishing attacks will soon become ‘so last year’ in comparison to cloud-based data theft. Whether you, as a business, have begun to leverage SaaS-based cloud applications or have started the arduous task of migrating your entire data center, leveraging IaaS solutions, the cloud has become a greater target for your organization’s data and opened a new door for exploitation.
It’s no wonder that an internet search for Identity and Access Management (IAM) returns so many results. In a relatively short time, security practitioners have realized how important an identity is in protecting an organization. It’s become a central theme to the point where organizations are adopting “identity-centric” programs and putting pressure on the cyber defense community to develop better solutions that balance usability and security.
Statistics show that the great majority of data breaches and other events of unauthorized access to sensitive information come from human vulnerabilities and the access they possess. Beyond that, the value of information stolen from cloud-based sources tends to be far greater than from other storage locations, partly due to the size and scope of the databases and because of the dependence and complexity of integrating additional layers of security in cloud-based environments.
As information security practice shifts toward AI, ML, and other means of protection, a strong identity posture starts with understanding what data you are trying to protect, who has access to the data, and whether that access is being used in a legitimate or illegitimate manner. Once that is understood, baseline identity techniques start with restricting the access of organization employees, based on least privilege, to the sensitive information sought by cyber criminals. Because the cloud is easy to use and simple to scale, not only do you have the proliferation of company assets being spun up in cloud-based environments, but you also have to worry about who has access to the data in those environments, ensure that the external APIs are locked down, and have the appropriate monitoring in place to identify suspicious or malicious behavior. So, not only do you have to worry about infrastructure and application vulnerabilities in those environments (specifically in IaaS), but there is also concern about who is now accessing that information, from where, and what they are doing with it. Strong identity practices and programs ensure that you have the appropriate processes in place to define roles appropriately for cloud-based systems.
They also monitor access and location, de-provision access when it’s not needed, and govern other changes in the access of your users. The key is visibility and governance. An oft-cited example is the well-meaning but dangerous employee behavior of provisioning and running unknown applications in the cloud; while they may be trying to be innovative, create shortcuts or add functionality to the company’s operations, they may in fact introduce incompatible programs, new vulnerabilities, and unnecessary access to systems. By creating a culture around access, its importance, least privilege, and identity controls, you can create a well-rounded identity program.
Professionals engaged in Identity & Access Management programs have recognized that one of the fastest growing unmanaged risks to the integrity and confidentiality of sensitive company information is excessive employee access. Beyond the internal storage of such data, such facilities as mobile devices, cloud storage, growth of the Internet of Things, and IT consumerization offer rich targets for increasingly sophisticated cyber-attacks.
Following the instincts of our CEO, Robert Herjavec, the visionary founder of Herjavec Group (HG), the company took the lead in addressing the challenges posed by developments in the world of Identity. Since its acquisition of Aikya Security Solutions in 2016, HG has built on this base of experience and expertise to become a leading provider of Identity services.
At Herjavec Group we believe in supporting what we view as the 4 pillars of identity:
- Identity Governance & Administration
- Privileged Access Management
- Access Controls
- Identity Managed Services
Identity programs are highly complex and traditionally difficult to implement at scale. We’re here to relieve the burden of integrating this layer of protection into your overall company security posture. The net effect of HG’s Identity approach is to lead a client through the identity, access and management journey. It starts with defining a custom strategy based on your specific needs, designing a solution that marries together people, process, technology, and of course the deployment of technical solutions that meet your specific requirements. You’ve also got to ensure in-house or external expertise and scale to manage the environment. The objective is to streamline your processes, improve end-user experience, enhance security and enable compliance.
I’m proud of the holistic and dynamic approach we take to Identity Services. Our “Pillars of Identity” perspective is more than a slogan. We offer a set of services that apply across each pillar:
- Process Review
- Business Requirements
- Strategy & Roadmap Planning
- Identity Solution Architecture
- Access Governance Framework
- Single Sign-On (SSO) Framework
- Role Mining, Modeling & Engineering
- Cloud Identity Security
- Privileged Access Framework
- Solution Install & Configuration
- Solution Deployment Supporting
- Testing & Validation
- Production Migration
- Integration opportunities to maximize technology investment – SIEM, DLP, endpoint
Managed Identity Services
- 24x7 IAM Platform Monitoring
- Basic and enhanced configuration support
- Onboarding services to automate and operationalize provisioning & de-provisioning
If you haven’t begun to consider Identity Services as part of your security framework, know this – your business may be scalable and running more efficiently through the cloud but you’ve opened the door to a new world of exploitation and data theft. Isn’t it time you considered Identity?
Originally posted on cyberdefensemagazine.com