Best Ways to Prevent Phishing Attacks through Access Governance

-

There has been quite an upsurge in instances of phishing attacks during the past few months. Cybercriminals, exploiting people's COVID-19 fears, are engaging in phishing and social engineering aimed at stealing user credentials to business applications and VPNs. 


 

Ultimately, the credentials used for authentication are the network perimeter of an organization. This puts companies in a challenging position - they can limit employee access to these programs and risk negative impacts on efficiency and business continuity, or they can hope that nothing terrible happens. Many prefer the latter, and worldwide, the consequences are being felt.

Social engineering essentially depends on harnessing powerful emotions to manipulate people into taking actions that can harm them. Cybercriminals depend on emotional reactions; emotionally charged material (e.g., fake layoff notification email with a malware attachment) is more likely to lead to a successful assault. The problem is not the people. It is the cybercriminals and the strategies that they are using.

The Principle of Least Privilege 

It is recommended that organizations consider restricting user access to resources based on the least privilege principle, or the absolute minimum access needed to complete a job task. Least privilege is a strategy for access governance that has never been more important than it is today — especially because organizations depend on remotely working employees. In essence, when users have more access than required, they can inadvertently (or intentionally) breach the enforcement requirements designed to protect the organization.

Today, access governance is primarily defined by predetermined roles and permissions traditionally categorized into classes (power user, administrator, etc.). This categorization of permissions is tied to authentication mechanisms such as username/password protection models that are heavily exploited by cybercriminals through phishing and social engineering. Furthermore, if a phishing attack compromises the credentials of a user, then the cybercriminals may access or obtain as much sensitive data as the position of his victim allows. Precisely this is where the significance of least privilege comes into the picture.

According to the least privilege concept, limiting data access provides companies with the resources they need to avoid significant data breaches. Employees are going to require access to confidential data, so how do you secure data that still falls under the least privilege principle?

Concept of Zero Trust

"Zero trust" – sounding harsh as it does – symbolizes trusting no one, presuming a hazard at all access points, and never giving default access (e.g., a predetermined position and privilege). Embracing a zero-trust IT culture ensures a company can recognize all devices, users, applications, and data in its ecosystem. Then the company should set up adequate controls that will restrict access where possible. By adopting zero-trust identity and access controls, organizations minimize risk by maintaining a consistent position between who an individual (employee) is and what they have access to.

Multi-Factor Authentication 

Part of creating an effective model of zero trust includes seeking solutions that empower organizations to apply contextual attributes when access is given. Attribute-based access controls (ABAC) adjust to various contexts and ultimately determine how and when users can access information. These attributes are taken by Adaptive Multi-Factor Authentication (MFA), which requires additional authentication as users switch through systems or applications.

With a large remotely working employee base, companies will want to implement adaptive MFA so that finance or human resources workers can safely authenticate to their ERP systems. Adaptive MFA can detect anomalous activity locations or times, activate an additional authentication method, and prevent malicious access by the actor.

Ultimately, adaptive MFA and zero-trust protect the organization, the individual with almost leaked information, and the employee whose credentials were stolen.

For years companies have been trying to defend themselves from phishing attacks. What they didn't do is defend themselves through an era of emotional, social, and physical upheavals. But the present upward trend in phishing attacks should come to organizations as no surprise. Cybercriminals are always on the lookout to take advantage of any IT environment vulnerabilities, whether digital or human. Sound identity and access management practices ensure that both data and end-users are protected during these unusually tough times.

Comments

Post a Comment

Popular posts from this blog

The Most Prominent Emerging Cybersecurity Threats

-
Image
  Because of the   COVID-19 pandemic , organizations around the globe were forced to implement a work-from-anywhere scheme. With staff accessing cloud resources, collaborative tools, and remote systems from home and public networks, and not only via the privacy of a VPN, this has become the new way of doing business. This rapid transition brings a host of safety issues for businesses. Some of the most prominent cybersecurity threats are outlined here. 1. Evolving Traditional Cybersecurity Threats  Cyber threats such as phishing, malware, trojans, and botnets will remain prominent; it seems obvious. Such attacks, mostly mined from company websites and social networks, are increasingly automated and customized to personal information. These kinds of hazards will continue to increase in number and frequency as movements towards automation increase. These risks may be influenced by current events as well. During the pandemic, we saw a surge in phishing emails, taking advantage of the unfam
Read more

PeopleSoft SSO: Improving Employee Experience

-
Image
Employees manage various logins, including emails, financials, CRM software, and other programs and systems built during a regular workday to simplify their daily activities. Remembering and recalling all the usernames and passwords associated with such systems can be daunting and contribute to a loss of productivity. Single Sign-On (SSO) is an Identity and Access Management (IAM) method that enables users to authenticate securely with different websites and applications, by signing in only once — with only one set of credentials. The app or website (which the user is attempting to access) relies on a trusted third party with a Single Sign-On solution to authenticate the users' identity. Why is SSO important today for Human Resource Organizations? 1. SSO Makes the HR System User-Friendly and Easy to Use SSO's greatest benefit is that users can switch between applications safely without having to specify their credentials time and again. SSO effectively incorporates individual s
Read more

Improve Security Posture With The Zero-Trust Security Model

-
Image
  There has been a sea change in how employees connect to and interact with the enterprise resources to get things done. The conventional network security model was programmed to connect staff to the data center's services they required. There were very few remote workers at the time and using an operationally complex VPN, they linked back to their home network. With the dramatic, unpredictable changes brought about by the pandemic, most workers now work remotely, and almost all businesses today use multiple public cloud services. Coupled with the security flaws associated with VPNs, these factors mean that the conventional model is no longer reliable. The Zero-Trust Security Model A critical weakness in the usage of remote access VPNs is that once users are authenticated, they are considered trustworthy and given complete access. As a consequence, once a hacker reaches the firewalls of an organization, with little resistance, if any, he/she can travel around the network. John Kind
Read more