At the heart of Information Technology (IT) security; be it modern solutions like Zero Trust, or legacy/perimeter based protection, the first step in securing critical business data is to establish fundamental access policies. What users (and in a lot of cases roles), and what business critical information and applications do they require to fulfil their duties?
Put simply - who gets access to what?
Breaches are inevitable, but a good way to reduce the attack surface is limiting the exposure of a user account. This coupled with other important measures we see today, such as perimeter/edge based firewalls, web proxies, SIEM tools, to name a few.. will ensure businesses are equipped to mitigate today’s bad actors. The concept of digital identity dates back to the 1960’s when Fernando Corbato helped in creating the first computer password.
Passwords have served us well, but alone they aren’t enough
Same goal, different methods
Since this time, we have seen new authentication methods surpass those early passwords, to the complex passwords we use today, to 2FA, to MFA. Attackers and bad actors have also matured their arsenal and processes, and this never-ending game of chess.
The space continues to evolve, and some recent examples of that evolution are:
Modern MFA means evolved authentication methods like facial recognition
The dynamic shifts in the way people work as contributed to this evolving Cyber Security landscape. Zero Trust, as an example, became a lot more popular with the advent of remote/hybrid work, during the 2020 pandemic. Because people are now logging in from potentially unsecured networks (such as café’s or other Public WiFi access points), a continuous interrogation on the user accessing business applications and data – the traditional ‘flat’ networking and security structure won’t suffice.
Visibility is the new black
A big concern most businesses have with Identity and Access Management (IAM) is that security measures are usually reactive - not proactive, and that these businesses are usually in the dark until a breach has occurred. At this point, security teams work backwards to understand where the issues were.
Identity Governance and Administration (IGA) addresses this, by wrapping policy and rigor around the day-to-day IAM operation. IGA’s enable businesses to allow better self-service to their users or business units, whilst maintaining a clear audit trail. Some of the fundamentals of a modern IGA are:
Good authentication and MFA controls are essential. A top-down overview of Identity Governance is best.
Where our partners identify opportunities and add value
Our partners are already having conversations with their customers around:
Each of these topics are a great time to talk about their IAM solution, and what they should expect at minimum to maintain security posture today.
Your Dicker Data SecurID sales reps and technical resources are always on hand to assist in these conversations, and with modern “ID Plus” solutions, getting a customer trial is a cinch.
Contact sales@dickerdata.com.au for all your technology needs.
23 August, 2024 - 4 min read
In today’s day and age, we’re treated to more choice and variety... Read more
22 August, 2024 - 2 min read
Picture this: It’s October 14th 2025. You’ve just won some new... Read more
9 August, 2024 - 3 min read
We’ve just completed stop three of our #TECHX24 tour, Melbourne!... Read more
Subscribe to the Dicker Data blog
for regular updates and insights
Dicker Data (ASX: DDR) is an Australian owned and operated, ASX listed hardware distributor with over 46 years experience. Our dedicated sales and presales teams are comprised of experienced product specialists who are focused on using their in-depth knowledge to help customers tailor solutions to suit their client’s needs.
Phone: 1800 688 586
Email: sales@dickerdata.com.au