The accelerated move to remote work in 2020 ushered in a new age in access management, with the on-premises VPN perimeter giving way to a perimeterless reality of multiple devices, multiple access points, and users connecting to resources from their own individual networks.
This perimeterless reality isn’t going away, as organisations allow for varying levels of remote work and as business travel resumes. The access management challenges the hybrid workforce presents are formidable:
- How do you secure access for a workforce that’s as likely to be at home or on the road as on-site?
- How do you make accessing resources in the cloud as secure as accessing on-premises resources?
- And how do you ensure access is as convenient as possible, to maintain a positive user experience while keeping the IT support burden low?
As you develop strategies to support secure access everywhere people work, the following guidelines will help.
- Adopt a “least privilege” model to minimise access risk: The principle of “least privilege” has been around for years, but in today’s perimeterless environment, it is more important than ever. Best practices include conducting privilege audits of existing accounts, starting new accounts with the least possible privilege and enforcing separation of privileges.
- Protect resources in the cloud with MFA: in addition to the rise of the remote workforce, increased use of cloud resources will continue to make secure access more challenging. Ensuring secure access to these resources starts with understanding exactly what’s in the cloud; think beyond customer service and sales applications, and look at other areas like messaging and unified communication that are also likely to contain confidential, proprietary information. Protect all cloud resources containing sensitive data with multi-factor authentication (MFA), and authenticate directly to each one rather than via VPN, using single sign-on (SSO) to speed and streamline the process for users.
- Take a broader view of the value of MFA: Having more than one factor of authentication is, of course, important for access security, but there is even greater value in an approach to MFA that includes unified identities, access points and applications to ensure a consistent approach
- Capabilities to build out rules and risk evaluations to lay the groundwork for dynamic management of access and authorisation to applications, which simplifies processes for both granting access and requesting it.
For more information on how to drive the right identity and access management strategy for you, please contact our team at Loop Secure.