Intelligent CIO Europe Issue 25 - Page 33

+ EDITOR’S QUESTION RASHID ALI, UK ENTERPRISE SALES MANAGER AT WALLIX ///////////////// A s businesses pour time, money and resources into tackling external cyberthreats, it is also fundamental to protect against threats within the organisation itself. In fact, despite hackers and ransomware grabbing a lot of media attention, insider threats are the leading cause of cyberattacks. While the term ‘insider threat’ immediately makes us think of a disgruntled employee with malicious intent, the reality is that these threats can come in all different shapes and sizes. Simply put, anyone with privileged access to critical business systems “ THE REALITY IS THAT ANYONE WITH ACCESS IS A RISK TO THE BUSINESS – SO SAFEGUARDING THE NETWORK AND DATA IS FUNDAMENTAL. “ IT’S IMPORTANT TO IMPLEMENT A PLATFORM THAT SUPPORTS BOTH SECURITY AND WORKFLOW PRODUCTIVITY. represents some form of security risk to the organisation. These insiders can be company executives, HR managers, IT admins or even third-party vendors. While each team member might be valued and trusted, not all breaches are intentional. The vast majority of cybersecurity breaches are in fact accidental – meaning even the most trusted of employees pose a security threat. So how can we safeguard against human error? Organisations need to implement a comprehensive security strategy that encompasses all areas of the business to provide control and access restrictions. This should filter down throughout all the infrastructure layers, including cloud-based systems, on-premises storage and backup servers. This way, even privileged credentials have limited access – meaning that if an error does occur or passwords are stolen/ hacked, the breach will also be restricted. By implementing a form of privileged access management, businesses will be able to centralise account security operations, encrypt passwords and control user access – enhancing the security measures placed around privileged accounts. It’s also essential to ensure that any privileged access management solution is seamlessly integrated – continuing to give employees the same flexibility and support to work in the most efficient way possible. While security is a top concern for company CISOs and CIOs, employees day-to-day are faced with time constraints and sometimes see added layers and multiple password requests as a trade-off between efficiency and security. This is not necessarily the case so it’s important to implement a platform that supports both security and workflow productivity. With an integrated privileged access management solution, organisations can balance the need to safeguard against cyberthreats, fundamentally improving overall cybersecurity protocol, while enabling a productive and agile workforce. The reality is that anyone with access is a risk to the business – so safeguarding the network and data is fundamental. INTELLIGENTCIO 33