There’s a quip in the IT industry: who is driving digital transformation in your company: the CEO, the CIO or Covid? And, of course, the response is generally Covid.
While Covid has precipitated organisations along an accelerated digitalisation path, the very speed with which it happened has had some unpleasant – and sometimes downright dangerous – consequences.
Bertie Neethling, RSA product manager at First Distribution, points out that it has quickly become apparent that the way we access the corporate network has changed radically, with the edge and the cloud now as much a part of the mainstream as the core data centre ever was.
“While moving workloads from on-premise to the cloud has become easier over time, there are risks associated with it,” he explains. “You have users trying to access data or workspaces from home: even if they are using the office VPN (virtual private network) or cloud workspace, quite often thety do so with little or no security on their own computers.
“Organisations find themselves having to strike a balance between security lenience and being too restrictive,” Neethling adds. “It’s when you get this balance right that you have a good cloud strategy.”
With users accessing the corporate network from just about anywhere, on any device, cybercriminals are having a field day and the rash of security compromises we’ve seen in the past months indicates just how successful they’ve been at breaching IT’s defences.
The most common weak point is still e-mail, Neethling points out, with criminals making very effective use of phishing to gain access to users’ devices. “From there the threat actor can easily get into the corporate network, do a reconnaissance and then launch an attack to either steal data or encrypt it for a ransomware demand.”
The best way to mitigate these threats is with effective access control, to ensure that only authorised users are able to access applications and data.
“A well-functioning access management system will assist in protected assets and limiting the access that threat actors have within the system – it puts the right protection in the right place,” Neethling explains.
While security in itself is desirable, there are now also regulatory consequences of a lapse since the Protection of Personal Information Act (POPIA) came into effect last month.
“POPIA is forcing companies to pay more attention to where their data resides and who has access to it,” Neethling explains. “In the past, security was often a box-ticking exercise, something you had to pay lip service to, in order to get the compliance officer off your back.
“But now POPIA is making organisations take the issue of cybersecurity a lot more seriously because there are big fines involved for non-compliance.”
RSA has launched its SecureID access management solution, which Neethling says goes beyond two-factor authentication to truly protect data.
“SecureID provides a risk-based authentication solution that analyses location, behaviour and device to determine risk,” he explains. “And it does it without making security onerous for the user.”
For instance, if a user normally logs in from one IP address, and that changes, the system will challenge the user with a security question or two-factor authentication. “As soon as the user’s identity is confirmed, they can work as normal without having to jump through further hoops. It really is just a step to ensure that the person logging on is the right user.”
Behavioural analysis uses artificial intelligence (AI) and machine learning (ML) to track how the user typically interacts with the system, and will raise a flag if this changes.
These algorithms can pick up how the user types and clicks the mouse, even the number of words per minute that they type, whether they use caps lock or shift and more. “It picks up a lot of the small things a user does and registers their individual quirks,” says Neethling.
“AI can be quite daunting, but since cybercriminals are using these tools to steal our data, if your security solution is not looking at AI or ML it’s behind the curve.”
With SecureID, legitimate users still have seamless access to the corporate network, Neethling explains, but illegitimate users won’t be able to authenticate.
“This doesn’t mean a legitimate user who fails a security question will be permanently locked out of the system. You set the rules on how you want users authenticated, and any exceptions will trigger an alert to the administrator who can then investigate further and either allow or disallow the user. These rules are based on your company policies and can be as strict or as lenient as your policies dictate.
“At the end of the day, SecureID is all about ensuring the right person has access to the right data. It’s a good tool to have in place for a zero-trust security environment as it offers organisations a higher level of access control.”
SecureID can be delivered as software as a service (SaaS) or installed, so it can used on-premise, as a cloud or hybrid cloud solution.
“It really depends on the user’s environment and how they wish to work,” says Neethling. “RSA is able to fit in at any stage of the customer’s digital transformation journey; and can protect the organisation on all platforms.”
Partnering with First Distribution
First Distribution is an RSA distributor in South Africa and sub-Saharan Africa, and works with its extensive network of reseller partners to bring the SecureID solution to market.
“We assist our partners with marketing events, campaigns and lead generation,” says Neethling. “We can also go into end user customer meetings – physical or virtual – with our partners and act for them in pre-sales consulting and post-sales support.
“Our main focus is to add value to what the partner brings to the market; so for startups we can offer technical expertise; other companies might need sales support, so we offer that.”
About First Distribution
First Distribution is the leading value-added distributor in Africa. Our offering includes a product portfolio of global leading Datacentre, Cloud, Networking and Security products and services. This embraces hybrid solutions with access to any combination of on premise, private cloud and public cloud end-to-end solutions from multiple vendors. The portfolio, together with highly skilled staff to support and manage vendors with an unrivalled level of expertise, ensures that our partners have the key elements required for success. First Distribution additionally hosts one of the largest technology partner-to-partner networks in Africa allowing partners to extend the reach of their solutions across the continent.
Learn more about First Distribution here.