Cyberattacks have become an anticipated part of the IT world, regularly striking businesses both large and small. These attacks consistently infiltrate networks and expose an organization’s valuable data, and cause brand embarrassment and irate customers. Yet, the one way cybercriminals are inconsistent is the most damaging; their attack methods evolve each year in new and clever ways. In fact, a recent Accenture study found that 71 percent of respondents called cyberattacks a “black box” and said they’re not sure how they will affect their organization.
Despite this uncertainty, there are tried and trusted techniques to anticipate threats and fortify against attacks. Advanced tools and strategies are needed to address the individual nuances of your organization and protect users and other stakeholders.
As a leading university and public research institution, the University of New Hampshire (UNH) is responsible for protecting a large base of users – more than 150,000 students, faculty, staff and alumni. Identity security is one of the most significant ways we protect against cyberattacks, and like cybercriminals, we must also continually evolve our identity security program.
Here are some of the most critical strategies we have employed – and recommend – to effectively stop cyberattacks at the door in 2019.
- Mask your identities.
If you come from a broad organization, some of your users are probably using a company identity to sign up for third-party services. At UNH, we’ve found that our users will often use their work email address to register for online forums, applications and purchases. Typically they don’t know how to disable device tracking settings like cookies, which can leave the door open for malicious actors to send phishing emails. That’s a serious vulnerability, given that 92 percent of malware is still sent by email, according to Verizon’s 2018 Breach Investigations report.
To mitigate this risk, find the location and security vulnerabilities of your identities. Next, you’ll want to create external and internal identities. The external identities will present users to the world one way, while the internal identities will be masked through VPNs and other methods to block attackers from monitoring activity.
We use SecureAuth IdP as our service proxy to authenticate, which we highly recommend for any activity in the cloud. Adaptive authentication ensures that the right user is taking the right action. This reduces attacker visibility, no matter what our users are doing.
- Reduce user friction.
Strong security is tied to a positive user experience. Requiring extra authentication steps like codes at every single login attempt can annoy users. So can carrying a hardware token or waiting on hold with support teams to request a password reset. One way to reduce friction is by offering a more painless authentication experience with self-service options for password reset and account unlocking. Layering two-factor and adaptive authentication can banish extra steps by only requiring additional action when risk factors are high – which helps alleviate the number one pain point for users.
At UNH, we must authenticate a variety of applications for faculty, staff, students, alumni, and more. Not all of them will be SAML enabled. To address that reality, we chose a solution that lets us work with all applications, all protocol options and all on-premise, mobile, cloud, and VPN resources. That’s another way we create a secure and smooth process for our users and business partners.
- Transform authentication and password processes.
Instead of relying on standard username and password combination methods, consider new technologies that use adaptive authentication and other methods tough for criminals to duplicate. Not only can you reduce support tickets and helpdesk calls, you can nullify the risk of stolen credentials.
Another valuable change: providing a consistent login experience. To eliminate conflicting experiences for UNH students, faculty, and staff, we integrated our SecureAuth IdP solution with SecureAuth Password to offer a single, unified login and authentication experience. This helps us increase our identity security for legacy applications that can be a challenge to update. Support is simpler and faster, and we can communicate more clearly with our users.
- Make your processes safer and easier.
Sophisticated cybersecurity goes hand in hand with straightforward processes when you use the right tools. This is especially important if you’re overseeing a range of roles or systems in your IT team.
At UNH, we had to consider the different workflows for our information security office, identity platform management team, student information services team, HR and planning team, and others. Most organizations have multiple authentication systems or separate workflows and policies for each application or groups of users. Navigating these multiple logins and inconsistent requirements can lead to staff headaches, rising administrative costs and wasted productivity. It can also hamper the team’s ability to spot anomalies and respond quickly to threats.
Tools that centralize security, identity, provisioning and more help remove silos, and are critical to have in place. We’ve been able to shrink our time going live – from the initial request for authentication services to deploying that application into production – from months to days. Security solutions that adapt to what you have – rather than acting as a wholesale replacement – save time and money. We adopted an authentication solution that worked with our existing identity management product, rather than something that required us to replace parts of our platform and punch holes in the firewall. The result: we have a much easier time onboarding users, and are largely futureproofed against new applications as they are introduced.
- Become more flexible and responsive as an organization.
If you’re running a technically diverse organization, you know the value of a flexible platform. From identity access control options to adaptive security controls to customizable workflows for different users, a flexible platform will be more effective at mitigating risk and security gaps.
When it comes to your team, ask yourself if they’re agile enough to respond to emerging threats. Skilled and inventive, cybercriminals will adopt whatever method they can to penetrate your network. Often emergent issues require immediate action. Build agility into your environments in terms of budget, staffing and management, so your team is always positioned to change as needed for new kinds of attacks.
Your team also needs to be ready for changes like the EU General Data Protection Regulation (GDPR), which strengthens data privacy for citizens and standardizes data management laws across Europe. Similar laws are being introduced across the United States. Leverage your security operations center (SOC) to make sure processes can be expanded and adapted. Security teams that try to address these changes and challenges in a rigid check-the-box fashion simply won’t be effective.
There’s no question that cyberattacks will continue to occur in 2019. While your IT team may face formidable security challenges next year, the right tools and the right changes will fortify your security program to stay current with the threat landscape. Agility, identity security, and an easier, simplified user experience can help your team address both traditional and more recent threats – and be more than a match for any criminals who try to attack.