How Unifying Can Fill the Gaps in Your Identity Security

If you’ve been exploring IAM, PAM, IGA or ADMS recently, or reading up on the top trends in identity security, you will probably have come across the term convergence. As the prediction above from Gartner affirms, it’s the top trend in identity security today.

Convergence is a holistic approach to identity security that helps address the current threat surface. In this article, we explore the reasons the approach is rapidly being adopted by CISOs, and how it can help you protect your organization and people more effectively.

The drivers for convergence: How the threat surface has changed

As we all know, the threat surface is continually evolving. This has been the driving force behind the development of identity security solutions - from early access control lists (ACL) to zero trust security frameworks.

So what’s changed? These three factors are necessitating a new approach:

1. The dissolving of the security perimeter and disappearance of infrastructure

Is the traditional security perimeter model working for you? When your IT infrastructure is distributed across multiple physical sites, virtual machines, public and private clouds, and numerous cloud platforms and operating systems, it’s no longer effective or feasible to put up a fence to protect your people, data and applications.

In addition, you can no longer trust that a user is who they say they are. With users accessing resources in today’s hyper-dispersed enterprise infrastructure - from the office or remotely and from multiple devices - there are countless opportunities for a bad actor to compromise them.

2. Identity sprawl

How many machine identities do you have to manage? If you’re anything like the IT security professionals we surveyed for our Identities and Security in 2021 report, it’s increased dramatically in recent years. 84% of respondents in our survey said the number of identities they manage had doubled, and 25% said they had increased by a factor of 10 or more.

As end users require access to more resources the number of machine identities CISOs manage has expanded rapidly. Remote working, the increased adoption of cloud services and the trend towards using more external partners and contractors, is all driving identity sprawl.

It’s not just demand from your internal and external human end users either. Even robots need identities, so the adoption of new technologies like AI and RPA is also contributing to perhaps the biggest cybersecurity challenge yet: identity sprawl

For guidance and best practice for managing identity sprawl, download our eBook here.

3. Fragmented security environments

In many organizations the approach to identity and access management is largely fragmented. Our Identities and Security in 2021 report found that approximately 51% of IT security professionals use more than 25 different systems for identity management, while 21% said they had more than 100 different systems in use. Does this sound familiar?

When you have a fragmented security environment, you risk losing visibility over who has access to what, which creates a side door into your systems that bad actors can exploit.

The risks of operating a fragmented approach

Up to a point, identity sprawl is something we have to live with as it’s driven by today’s hyper-dispersed IT environments. However, it’s vital that we manage it as effectively as possible. Especially by ensuring that users don’t have more privilege than they need to do their job.

The problem is when you also factor in a fragmented security environment, IT security professionals lack visibility into privileged access users and whether they’re complying with relevant policies.

Growing threat of ransomware attack

Poor identity management is behind major cyberattacks like Colonial Pipeline in May 2021, where attackers were able to access the corporate network through a compromised VPN password. The password was thought to have been compromised on another website and then used on the VPN login. The employee account associated with it was believed to be inactive and therefore, perhaps, it should have been removed entirely.

In another ransomware attack in June 2021 against global meat processing company JBS, leaked employee credentials were discovered on the dark web. These are thought to have been breached several months before in February 2021.

While it’s not known what the initial intrusion vector was in this attack, common vectors include Remote Desktop Protocol (RDP), Virtual Network Connection (VNC) and VPN. Attackers will make attempts via remote access protocols to identify any vulnerable services.

These types of attacks have become increasingly common and unremarkable, which means if your organization has internet assets, you should consider yourself a target.

Ransomware attacks are growing in intensity and affect every business sector. New actors are entering the market, attracted by the profitability of a successful attack and established criminal organizations are adding ransomware to their portfolios.

As in the case of JBS, many ransomware attacks are also accompanied by data exfiltration, where data is leaked prior to the encryption of the victim’s files.

Verizon’s 2021 Data Breach Investigations Report found that 70% of breaches are linked to privileged account abuse, and 61% involve mismanagement of credentials.

Why convergence is the solution

First, let’s explore what convergence actually is.

As with many other security solutions, when it comes to identity security typically you have multiple products, often from different vendors. You may have the following in your identity security stack:

• Identity Governance and Administration (IGA)
• Access Management (AM)
• Privileged Access Management (PAM)
• Active Directory Management (AD Mgt)

These solutions are implemented separately and then integrated, which is often problematic particularly when you have products from different vendors.

Convergence brings all these separate products into one solution, fully integrated and managed from one unified platform, resolving the issue of a fragmented environment and closing a critical cybersecurity exposure gap.

Here are the key benefits:

• 360° visibility over all your users’ identities - humans and bots: Eliminating blind spots and ensuring policies and processes are applied uniformly across your IT environment.
• Streamlines correlation: A converged identity security solution fully integrates other products or services in the stack to correlate all identities and verify everything before granting access to critical assets. Solutions such as One Identity’s Unified Identity Security Platform will also integrate with your other security solutions.
• Simplifies automation: With all your identity security tools in one solution you can automate processes with confidence.
• Rapid time to value: Consolidated solutions are a faster way to bring the value and protection of identity-based security to your organization than conventional standalone deployments.
• Reduce risk: Convergence supports zero trust strategies and dramatically improves their overall cybersecurity posture.

A holistic approach is key

The new hyper-dispersed environment is here to stay, so we need to find alternative ways to protect our organizations – solutions that don’t rely on a traditional perimeter security model but don’t fragment the security environment further.

Taking a holistic approach fills the gaps in your identity security, providing you with a security fabric that wraps in and around all potential access points, increasing visibility and ensuring that identities aren’t siloed in multiple different tools.

With converged identity solutions you can get a standardized approach from a single vendor. And if you work with a Gartner® Magic Quadrant™ vendor, you also get best-in-breed technology too.

Learn how you can control identity sprawl and close your cybersecurity gap with unified identity security. Watch our video here.