CFOtech Australia logo
Technology news for Australian CFOs and financial decision-makers
Partner content
Story image

Has the crisis killed the perimeter?

By Contributor
Mon 17 Aug 2020
FYI, this story is more than a year old

Article by LogMeIn A/NZ vice president Lindsay Brown.

For a while now, the cybersecurity industry has been transitioning away from security approaches centred around hardening perimeter defences. The recent pandemic and the shift en masse to remote work has highlighted many of the shortcomings of perimeter-centred security, further cementing that it is no longer a valid option for the future of work. 

Remote work has introduced several obstacles for security leaders that challenge the notion that there is a security perimeter that they can protect and defend. For one, it has led to a surge in BYOD, BYOA (Bring Your Own App) and shadow IT.

Employees are accessing the network via a number of devices (many of which have not been vetted by IT teams) and, without IT looking over their shoulder, many are downloading apps they have discovered themselves to help do their job.

Even with a VPN in place, employees working remotely still sit outside the traditional security perimeter, exposing the business to greater risk through data breaches launched via phishing or credential abuse.

The pandemic has also hastened many organisations’ moves to the cloud and adoption of Software-as-a-Service products for business continuity, cost efficiencies and digital transformation initiatives.

According to research from the Boston Consulting Group, 80% of senior executives around the world report digital transformation is more urgent, 61% want to take control of these programs and 57% anticipate increased investment. While digital transformation is undoubtedly required for success in today’s business landscape, it unquestioningly complicates cybersecurity, for example, by making it extremely difficult to manage security at the edge and achieve visibility.

The answer? A focus on identity and access management

For these reasons, IT teams are increasingly realising that to protect users of modern technology, the focus needs to be risk mitigation by managing identity. A modern IAM strategy can make the transition to a remote workforce easier by securely connecting employees to their work, all the while IT maintains complete control.

Here are seven ways a modern (remote) IAM strategy can address security risks in the work-from-anywhere era:  

  1. Manage access: Single sign-on (SSO) is an integral component of a remote IAM strategy and gives IT teams the control they need to manage which employees have access to which applications. IT can provision access to a corporate application, an individual or group of users, all with the insight into which users are logging in and the flexibility to revoke access as needed. Employees can improve productivity by securely navigating between assigned applications without needing to type a password each time. 
     
  2. Enforce authentication: When employees are not physically in the office, how can IT be sure the user logging in is legitimate? Whereas access enables employees to log into an application, authentication ensures the employee is who they say they are. Multi-factor authentication (MFA) adds an additional layer of security to every login attempt and is an integral part of any IAM strategy
     
  3. Be contextually aware: Another consideration for remote work is to understand the context of the login by analysing factors such as time, device or location. Contextual authentication policies can help IT teams restrict access based on these specifications and ultimately gain tighter control.
     
  4. Lock down VPNs: A virtual private network (VPN) enables employees to connect to the corporate network even if they are not in the office, which is particularly important if employees are using a public WiFi network. Every business should leverage a VPN, ideally with an added MFA security layer on top.
     
  5. Securely share: On average, a business uses 185 shared folders. Without visibility into and oversight of those shared credentials, businesses face increased security risks. This is particularly important when teams are remote and need a secure way to communicate and share credentials with their teammates. Credentials should always be shared through a password manager, so that every password is encrypted and no one who shouldn’t have access to the password gains access. Password sharing also helps teams securely collaborate and ensures every team member has access to shared accounts during remote work while IT can get insights into potentially risky behaviours.
     
  6. Go passwordless: Passwords continue to cause significant frustration and risk—to the degree where 80% of data breaches are caused by weak or stolen passwords. During times of remote work passwords are even more at risk, especially if teams aren’t securely sharing. Every password is an entry point to the business and if IT doesn’t have oversight into where employees are storing those passwords or logging in from, those business entry points are exposed. Passwordless authentication technologies, such as SSO, integrations and biometric authentication, removes the password from the employee login experience so password risks and frustrations are eliminated. 
     
  7. Maintain complete insight: Even though employees aren’t physically in the office, IT and security teams need to know who is accessing what application, from what device and from what location. Modern IAM strategies take into account how this visibility can be achieved for IT and security teams to ensure they can monitor activity with the insights to make access and authentication adjustments as needed.

The pandemic is redefining the business and cybersecurity landscape at enormous speed. It has highlighted the need for IT teams to abandon the concept of the security perimeter and instead elevate the role of identity in cybersecurity.

Having a modern IAM strategy that encompasses the above fundamentals is imperative to ensure employees can seamlessly access information and apps to remain productive without compromising the organisations’ security as we enter the new normal of working

Related stories
Top stories
Story image
Artificial Intelligence
SAS announces new products amid cloud portfolio success
Analytics and AI company SAS is deepening its broad industry portfolio with offerings that support life sciences, energy, and martech.
Story image
Customer experience
Research unveils precarious customer loyalty for retailers
New research has found customers are reassessing established brand loyalties as their priorities and behaviours shift.
Story image
Digital Transformation
Trading up: It's time to swap core systems for flexible digital applications
This year will see more oranisations planning and commencing high tech renovations that will shake up the way they operate.
Story image
Attain
Revenue operations is taking centre stage
As the business world continues to evolve, new demands need to be met to keep up with the ever-changing landscape. 
Story image
Fintech
Airwallex launches new bank feed integration with NetSuite
Airwallex has launched a new bank feed integration with NetSuite, developed in partnership with NetSuite solution partner, Onlineone.
Story image
Public Cloud
Cloud adoption still a work in progress, NetApp finds
NetApp has announced the results of the annual Cloud Infrastructure Report based on a survey of public cloud business and IT decision makers.
Story image
Artificial Intelligence
CFOs using digital workers and AI to prevent unnecessary loss
New technology is now allowing CFOs to use digital workers to automate their accounting processes, making it easier for them to avoid unnecessary losses.
Story image
SAS
New SAS service overcomes subscription fatigue for media companies
SAS has launched SAS 360 Match which helps media companies move towards a AVOD model to generate revenue as subscribers cancel.
Story image
Tech job moves
Tech job moves - Datacom, Micro Focus, SnapLogic and VMware
We round up all job appointments from May 6-12, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Talend
Talend introduces new data health solutions for businesses
Talend has announced its latest version of Talend Data Fabric, with the release of Talend Trust Score enabling data teams to establish a foundation for data health.
Story image
Artificial Intelligence
SAS unveils AI experience to improve kids' batting abilities
SAS has created The Batting Lab, an interactive experience using AI, computer vision and IoT analytics to help kids improve their baseball and softball swings.
Story image
Training
HubSpot launches 'The Great Upskill' week to inspire learning
Brands across APAC including Google ANZ, MessageMedia, Meltwater, Seismic and Aircall, will give their employees a full workday to dedicate to upskilling.
Story image
Remote Working
How organisations can meet employees' changing expectations
The global employment market has shifted dramatically in favour of employees, sparking the so-called great resignation, in which people are leaving unsatisfying roles in search of greener pastures.
Story image
Artificial Intelligence
SAS launches human-focused responsible innovation initiative
SAS has launched a responsible innovation initiative, furthering its commitment to equity and putting people first.
Story image
Wasabi Technologies
Wasabi opens new cloud storage in Australia with Equinix
Wasabi Technologies has opened a new hot cloud storage region in Sydney, Australia, using Equinix services. This is the company's 12th global storage region.
Story image
Artificial Intelligence
Clear Dynamics closes $35M funding round, invests in global growth
The funding is a major milestone and speaks to Clear Dynamics’ vision for AI-enabled ‘composable’ enterprise software, the company states.
Story image
Ransomware
A third of companies paying ransom don’t recover data - report
Veeam's report finds 76% of businesses who are victims of cyberattacks paid the ransom to recover data, but a third were still unable to get their information back.
Story image
Employee Retention
Company values increasingly important in post-pandemic world
New research released today reveals that company values are the new currency when it comes to employee retention in a post-covid economy.
Story image
Mobility
Hands-on review: STM laptop bags
The advent of hybrid working has meant we need laptop bags. We got our hands on two of the most popular laptop bags from STM.
Story image
Cybersecurity
Three key security challenges facing the Australian insurance industry 
Insurance companies must ensure they proactively address security challenges and protect the privacy of customer data.
Story image
Kodari Securities (KOSEC)
NFT trends and opportunities: expert reveals all
The NFT market is growing at an exponential rate, with unprecedented liquidity. Here we explore how businesses can profit.
Story image
Microsoft
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Story image
Testing
Google and CSIRO use AI to help protect the Great Barrier Reef
Google has partnered with CSIRO in Australia to implement AI solutions that help protect the Great Barrier Reef.
Story image
SaaS
Cloudflare launches instant serverless database for dev teams
"Today we’re announcing our first serverless database which we expect will quickly become one of the largest databases in the world."
Story image
Safety
Voxel hits total funding of $18M following ongoing wins
Since raising its seed round in September, Voxel has grown at pace, by decreasing on-site injuries by upwards of 80% and increasing operational productivity.
Story image
Employee Experience
Zendesk launches customer service and employee experience offering
"Zendesk is helping businesses embrace this new generation of conversational customer relationship management and turn customer service into growth.”
Story image
Manufacturing
HINDSITE wins Aerospace Xelerated Pitch Challenge with solution to support Boeing
Brisbane-based startup HINDSITE was the winner of the first ever Pitch Challenge organised by Aerospace Xelerated in partnership with Queensland XR Hub. 
Story image
Artificial Intelligence
ForgeRock releases Autonomous Access solution powered by AI
ForgeRock has officially introduced ForgeRock Autonomous Access, a new solution that uses AI to prevent identity-based cyber attacks and fraud.
Story image
trust
9/10 Aussies to stop spending if personal data compromised
"Based on the patterns we are seeing among Australian consumers, it is evident that trust in a brand is exceptionally important."
Story image
Alteryx
Decision Inc. Australia enters partnership with Alteryx
Independent data and analytics consultancy Decision Inc. Australia has partnered with automated analytics company Alteryx, expanding its offering to clients.
Story image
MongoDB
Tech innovation crucial to growth, but barriers remain
Businesses in the A/NZ region believe tech innovation is crucial to drive future growth, but 76% say they’re being held back by complex data architecture.
Story image
Amazon Web Services / AWS
Databricks strengthens AWS partnership with new Lakehouse offering
Customers will experience faster onboarding and unified account administration to make building a Databricks Lakehouse on AWS easier.
Story image
Phishing
Google reveals new safety and security measures for users
Google's new measures include automatic two step verification, virtual cards and making it easier to remove contact information on Google Search results.
Exabeam
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Sift
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Digital Transformation
Why enterprise records management should be part of any digital transformation strategy
Modern organisations create and rely upon an enormous volume of content, and digital records make up a significant proportion of that content.
Story image
Cybersecurity
Hard numbers: Why ambiguity in cybersecurity no longer adds up
As cybersecurity costs and risks continue to escalate, CEOs continue to struggle with what their investment in cyber protection buys. Getting rid of ambiguity becomes necessary.
Story image
Jabra
Jabra investigates what makes an ideal hybrid work model
“The way we work has changed forever and the current state of knowledge work requires access to digital platforms and technologies to be successful."
Story image
Digital Transformation
Unlocking the next digital frontier for educational institutions
Understanding where to invest in technology can be challenging for education institutions, especially after the COVID-19 disruptions.
Story image
Adyen
Adyen expands partnership with Afterpay as BNPL payments increase
Adyen has expanded its partnership with AfterPay allowing more of Adyen’s merchants in more countries worldwide to use the BNPL provider.
Story image
Remote Working
IT teams deploy powerful technologies to enable remote work
"We found that IT teams mastered the challenges of remote work last year in large part by employing powerful yet easy-to-use technologies."
Story image
Excel
Could your Excel practices be harming your business?
While Excel has been the de-facto standard for budgeting, planning, and forecasting, is it alone, enough to support organisations in the global marketplace that’s facing rapid changes due to digital transformation?
Story image
SaaS
Atturra partners with Focus HQ to support Aus organisations
Atturra has executed a partnership agreement with Focus HQ, to resell and support the company's Australian developed SaaS-based portfolio management platform.
Story image
Telstra
Telstra, Google and Accenture launch 5G AR experience for AFL
Telstra, Google and Accenture are developing a new 5G powered augmented reality (AR) experience at Melbourne's Marvel Stadium for the footy season.