User access control pivotal to secure govt systems
User access control pivotal to secure govt systems
Innovation is a must in today's hyper-connected business environment, but where there is connectivity and technology, there is risk – and government systems are particularly at risk, given the increase in use of social media platforms to engage the public and deliver services.
Experts in identity and access management say traditional approaches no longer work to fully protect corporate IT systems today.
They point out that prevalence of user accounts and their connection to numerous various platforms represent information portals that have to be managed – failure to do so means vulnerability and risk to companies.
Inconsistency in policy, non-compliance with governance regulation, the growing need for behavioural analysis using data, and lagging behind attackers are identified as key challenges to adequately protect critical resources
At the Ubusha Public Sector Forum, hosted in Pretoria, South Africa, business leaders spoke of the need for adaptive security (including ID governance) and implementation of a Business Nervous System, to empower organisations to leverage their existing resources and adapt to change.
"Insider misuse is the number one cause of threats today, but other challenges include limited visibility into access privileges, inconsistent policies, and inadequate access certifications to identify abuse. In addition, authentication technology is lagging that of attackers," said Rick Wagner, Director of Product Management – Identity, Governance, at Micro Focus.
The global company is working on the introduction of IDaaS or Identity as a Service, as market demand for running software in the cloud continues to grow.
Andrew Whittaker, Director: Identity and Access Governance, at Ubusha explained that businesses continue to grapple with balancing security requirements with the needs of business, the reality of the corporate space is that there are too many users with too much access.
This is evident with the constant risk of accidental breaches and unchecked insider attacks, he said.
It is important to adhere to fundamental IT security checks, including firewalls and antivirus, but the crown jewels is access to IT systems and data that resides within an organisation, Whittaker added.
The advice from Ubusha and Micro Focus is to apply relevant systems and process in order to better manage information.