Securing Increasingly Decentralized Corporate Environments in 2021: Changes and Challenges for Access Management
By: Juhi Fadia
Originally published in InfoTech Spotlight
It is understandable that many IT leaders are firm fans of the centralized approach to cybersecurity, arguing that it allows companies to better assess and manage their risks by controlling every application, device, and access privilege, by user.
Especially for organizations that handle a massive amount of sensitive information (consumer data, health data, credit cards, social security numbers, payments, cash management, and more), alignment across business units is important, and centralized models have been the best option.
Using “command and control” thinking, the IT team can direct and manage all security matters within a central governance body, where all business units are required to abide by the same policy set. Fans of centralized IT, and by extension centralized security, also argue that centralized governance is far more efficient, as resources can be leveraged across the enterprise, limiting duplication and controlling cost.
A growing number of proponents of decentralization argue, however, that highly centralized solutions are more fragile, as an attack can reverberate more broadly. A virtue of decentralized cybersecurity, some experts say, is that it increases the number of points of failure, which sounds counter-intuitive but means that in such an environment an attacker is forced to compromise more components and functions in order to penetrate a system.
Michael Fritzlo, Executive Chairman of Ironsphere, makes the case for the “best of both worlds,” where IT and security can co-exist, empowering business units to choose and use their applications, while also protecting the most critical infrastructure, devices, data, applications, and information in a centralized fashion, as appropriate.
“CIOs and CISOs today are embracing a hybrid cybersecurity model, which makes sense given the natural decentralized nature of the cloud and as-a-service cloud-based applications,” Fritzlo said. “The choice between a centralized and decentralized approach to cybersecurity isn’t binary, and we are seeing with our customers in government agencies, large financial institutions, communications service providers, and other industries that it only makes sense to get the mix right for optimizing productivity and profitability, but with proper governance.”
Michael Fritzlo said that the transformation to a hybrid centralized/decentralized environment starts with a hard look at the business and the security threats it faces, an analysis of regulatory requirements and auditing practices, and a review of the business applications in question. For example, a team that does not work with highly confidential or sensitive information may be able to subscribe to collaboration services like Slack, without the IT team requiring extreme oversight into what is happening on that platform.
On the other hand, teams that work continuously with records that include social security numbers, payment information, private health information, and other sensitive and valuable content need a more sophisticated and centralized approach including Privileged Access Management – fully monitored and managed.
“The advantages of the decentralized IT model are clear,” Fritzlo said. “The main advantage is speed and flexibility. If a user in sales operations needs a new app to support a new sales opportunity, the user can get permission from their local manager and can purchase and configure the cloud-based app in minutes and start working. Not much of a risk there, right? The challenge comes when this is multiplied by tens of thousands of users, without a clear policy in place, which is why IT leaders are moving to a hybrid approach and applying modern cloud-ready access management software to observe and control risk in the background.”
Fritzlo explained that quality security is a “team sport” in organizations. “Everybody has a role to play in supporting adequate IT security, so it is always important to set policies, communicate those policies, explain why those policies are important, and provide tools to make it easy and safe for users to take advantage of as-a-service applications. With the rapid growth of work-from-home scenarios, communications, and solutions for cybersecurity given decentralized workforces have become even more important.”
Automation, including access managers, is evolving to support multi-cloud, multi-application, multi-regional organizations, addressing a “moving target” when it comes to securing the perimeter at the edge and sessions from edge to cloud. “There is simply no way to secure the amount of computing and collaboration underway in enterprises manually,” Michael Fritzlo said. “With technologies like session management, single-sign-on or SSO interfaces, adoption of two-factor and multi-factor authentication, keystroke recording, and real-time analytical monitoring of activities, it is possible to give employees, contractors, and partners the productivity tools they need, without leaving infrastructure and assets at risk.”