intelligent
// FEATURE //
RAW A DEFINED perimeter
D around a defined castle . That was the premise behind a castle and moat approach to IT security – built on what is now an outdated perception of identity and how to best protect it . A moat protects little when the castle is no longer there . Today , the cloud , the COVID-19 pandemic and the global remote workforce all underscore the irrelevance of this model . A new take on identity management is necessary , especially for small- and mediumsized enterprises ( SMEs ).
From a network perspective , if employees are using home or public networks , the effectiveness of company firewalls and controls are limited . Devices introduce additional challenges ; IT teams are trying to manage a complex mix of company-issued and personal devices ( some Mac , some Linux , some Windows ) for a remote workforce that may not be aware of or – compliant with – company policies and security best practices . And remote work has required employees to adopt more cloud-based applications , increasing the likelihood they reuse usernames and password combinations to simply do their job . A domainless enterprise approach which takes into account this paradigm is needed .
At the same time that the IT landscape has become more complicated with application sprawl , and more expensive given the various tools required to secure it , the threats to SMEs are increasing . In Verizon ’ s 2021 Data Breach Incident Report ( DBIR ), the company found that SMEs are experiencing the same types and frequency of attacks that have , until now , been more specific to enterprises .
For SMEs looking to build a security posture that can withstand the increased threat , a holistic approach that layers security across all attack surfaces is critical . Below are the four steps to do it :
1
Establish user identity
User and password combinations don ’ t positively identify users ; they simply confirm that someone has possession of functional credentials . Look for tools that go further . Multi-factor authentication ( MFA ) combines at least two verification methods ;
Neil Riva , Principal Product Manager , JumpCloud
“
USER AND PASSWORD COMBINATIONS DON ’ T POSITIVELY IDENTIFY USERS ; THEY SIMPLY CONFIRM THAT SOMEONE HAS POSSESSION OF FUNCTIONAL CREDENTIALS .
Intelligent SME . tech 29
. tech