Cybersecurity risks have always been a concern, but the current tensions overseas require heightened awareness and Zero-Trust Security built for online identity protection.
Many international leaders and policy experts believe that if the war in Ukraine reaches outside of Europe, it will arrive first through cyberattacks. Malicious viruses could bring your business to a halt, to say nothing of essential infrastructure like the electrical grid.
But while cyber warfare may seem like something only technical people and IT security specialists can stop, the truth is that cybersecurity is a lot more personal. It begins with each individual in your organization protecting their own online identity.
Most organizations already know not to trust an unknown app or person outside their virtual walls. However, adopting “Zero-Trust” Security goes a step further. It demands that organizations verify anything and anyone, from anywhere, trying to connect to their systems.
This challenge has grown exponentially in recent years. Today, many organizations rely on third-party applications outside their on-premise networks that enable employees to work from practically anywhere—not just their homes but also coffee shops, parks, cars and more.
A key part of Zero-Trust Security is multifactor authentication (MFA). If you’ve ever received a message alerting you that a new device is attempting to access your bank account, you have encountered MFA. But much stronger MFA tools are now available, even within your Microsoft 365 tenant, that can block 98 percent of identity attacks.
Before looking at how those tools work, let’s look back at the evolution of security networks and threats.
Preventing Attacks Behind Your Network’s Walls: Traditional Security Models
In the protection systems most people are familiar with, employees’ identities are stored behind the organization’s network. When users sign in with their single user ID and password, they can then access the company’s apps and data. Any bad actor who acquires any employee’s credentials, from the C-suite to facilities management staff and beyond, can gain access to the network and everything inside it.
One common way for hackers to attack is by obtaining an employee’s email address, many of which may be easily found on company websites or public documents. The hacker can then send an email to individuals that contains a link to launch a virus when clicked or prompts the recipient to submit their credentials — often “for your protection.”
When a high-ranking executive is the subject of such an attack, it is known as “whaling.” But employees at all levels of the organization may have their emails in the public realm — for example, a shipping clerk who puts their email address on an invoice, a media specialist who puts it on a press release, a customer service representative, or anyone posting on social media. Attacks like these are called “spear phishing.”
But unless an email recipient clicks the link or unintentionally provides credentials, traditional security models keep identities secured passably well. However, when bad actors exploit application or hardware vulnerabilities, they can easily compromise employee credentials that don’t have multifactor authentication’s additional security measures.
The growth of third-party applications existing outside the network extends your company’s virtual walls much further than ever before. Identity protection that relies on a single network username and password is no longer enough, and maintaining a single-factor system opens you — and all of us — to attack.
Preventing Attacks from Around the Globe: Multifactor Authentication
Does that mean that employees must manage different user IDs and passwords for every third-party app they need to do their jobs?
Fortunately, the answer is “no.” Multifactor authentication provides a second layer of protection that employees set up through an app on their mobile devices. Like the notification you receive from your bank, the app alerts users when a new device attempts to access their information, but it then goes a step further.
To allow access, users can provide biometric information, such as a fingerprint or facial recognition, to create a better multifactor authentication user experience while making it exponentially harder for bad actors to compromise. A hacker encounters the same alert, but they lack the biometric credentials to allow access. Biometrics and automated identities also reduce the need to maintain passwords for multiple applications and prioritize central administration.
However, users must understand that, to be secure, they should grant access when alerted only if they initiated the prompt themselves. Usually, that means knowingly logging into a device, application or new network, or accessing certain data. If a user knows they have not attempted to log in, they should not grant access and should immediately report the incident.
This additional protection is always important, but it is especially important today. Cybercriminals have already used malware such as HermeticWiper and HermeticWizard in Ukraine since the early days of the conflict. And other countries are piling on the attacks. For example, Chinese actors have launched the backdoor-attack malware Daxin, exploiting the fact that many cybersecurity experts are now focused on Russia.
The effects of these attacks can be enormous for all affected — individuals, companies and even nations. Supply chains can be disrupted, wireless services compromised, remote services rendered useless and more.
Conclusion: Moving toward a New Thinking about Identity
Some employees may view MFA, at least initially, as an additional burden. However, it is a key part of Zero-Trust Security. You must educate your employees so they understand it is critical to more tightly secure your organization.
Another part of Zero-Trust Security is the principle of “least privilege access.” It ensures that each employee can access only those resources needed to perform their job function, adding an additional layer of protection.
If you have not adopted Zero-Trust Security in your organization, a Zero-Trust Security Assessment will help you discover your organization’s security maturity, learn to promote security awareness and build confidence throughout your organization. By moving beyond the single factor of a “secure network” to ensure only the right person has access to the right data on the right infrastructure within the right application from the right device on the right network, we can all transition to a safer, Zero-Trust future.