Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
NEIL RIVA , PRINCIPAL PRODUCT MANAGER AT JUMPCLOUD
EDITOR ’ S QUESTION
As a technology leader focused on identity , privacy and authentication I know what to do to protect my company and myself from cyberattacks . But how do I ensure my colleagues are on board and follow best security practices ?
After all , the weakest link will break the chain . Now that much of the enterprise workforce is remote due to the COVID pandemic , the need to adapt and respond to provisioning and managing remote users and devices has increased . The IT infrastructure has become decentralized and strategies for user and device identity management and access control have to leverage cloud-based products based on Zero Trust principles .
These three key principles help to mitigate the security risk that employees bring into the enterprise .
1 . Trust nothing , verify everything . We are in a world where the users and devices are no longer tied to a domain . To adjust to the new domainless enterprise and to beat back security threats , we must remotely onboard users and devices and ensure users can securely access applications with MFA , with guaranteed policy delivery and enforcement across this new distributed workforce .
While the phrase ‘ Zero Trust ’ is used regularly , what I mean by it is that we trust no person , trust no device , trust no application . Enterprises with no domain boundaries can secure users – and protect against users ’ poor security practices – through robust identity management governed by policy-based , adaptive authentication built around device trust .
2 . Enable adaptive authentication . Following a least privileged user approach , applications should be provisioned for users based on devices , groups and protected by risk based adaptive authentication policies ,
“
NOW THAT MUCH OF THE ENTERPRISE WORKFORCE IS REMOTE DUE TO THE COVID PANDEMIC , THE NEED TO ADAPT AND RESPOND TO PROVISIONING AND MANAGING REMOTE USERS AND DEVICES HAS INCREASED .
including MFA , following a least privileged user approach . If implemented , then I can rest assured that my company has a solid cybersecurity stance which will ensure my colleagues and myself are not at risk .
I no longer have to worry about my colleagues creating weak or shared passwords , since any account attack or phishing attempts requires users to input their second factor required by the MFA policy or passwordless-based authentication
3 . Focus on the device . Imagine a world where I hire a new employee and the laptop is shipped to their house and it is ready to use and complete their onboarding as soon as they unpack it . Users enrol a second factor from their mobile device , and within just minutes , the device has been secured and ready to give an employee access to the applications they need .
By creating a policy driven access control for conditional authentication around device trust , organizations can secure users within a single enterprise identity . The device is now trusted , regularly updated and , most importantly , managed remotely so that IT admins can wipe data , lock a device , or deprovision users to mitigate lost or stolen devices . Data can be wiped so that I can mitigate lost or stolen devices .
Strong and adaptive authentication rooted in device trust can establish and protect user identity and secure and protect all of their applications and resources . www . intelligentcio . com INTELLIGENTCIO
33