Risks to Digital Identities: A Q&A With Ted Shorter, CTO at Keyfactor

Here are a few tips to help organizations keep their digital identities secure during the COVID-19 crisis

The COVID-19 pandemic has forced millions of workers to connect to corporate networks remotely. During this time, there have been warnings of an increase in cyberattacks and phishing scams, and there’s been a call for more vigilant cybersecurity practices.

One area that remote workers need to pay special attention to is the threat to digital identities. Your digital identity is what authenticates you online. Authenticating digital identities for remote workers is something companies do on a regular basis; for most organizations, there is always someone working remotely. But now, businesses of all sizes are being impacted and forced to scale at otherwise unheard-of rates. Ted Shorter, CTO at Keyfactor, offered his insights into the risks surrounding digital identities and what can be done to secure them.

Sue Poremba: What are some of the risks surrounding digital identities?

Ted Shorter: This is the first time that most organizations’ remote access systems are being taxed to these extreme levels. This can lead to a number of potential scale and bandwidth problems. But in a race to get new access systems rolled out—or enabling remote access for new large batches of users—there’s an increased chance of misconfiguration of systems, which could lead to new exposure.

Establishing trusted connections that protect digital identities is key to corporate security. The people in the business and the devices and applications they use form a large part of the IT ecosystem. These are usually covered by a business’s local network security program. But even with business continuity plans, many organizations—especially those with fewer remote workers—wouldn’t have prepared for the mass move to remote working that we’re experiencing now. Adding a significant number of remote employees simultaneously can introduce new risks, too, especially if they’re using personal devices that haven’t been authenticated or possibly insecure home WiFi.

Under normal circumstances, not making a proper investment in securing digital identities can lead to systems outages, unauthorized systems access, operational disruption and even breaches. In a recent survey with Ponemon, we found that 73% of respondents experienced unplanned outages and breaches related to digital certificates. Digital certificates and keys can get lost in the shuffle without automated tools and processes. The rapid move to remote work means that those businesses lacking resources and tools dedicated to digital identity management are at greater risk of outages and disruption, especially if certificate expiration or revocation events happen through the transition.

Poremba: How does remote working impact those risks?

Shorter: One of the biggest risks is an increased chance of misconfiguration of systems, which could lead to new exposure. It also may be tempting to cut corners in order to “make it work,” which can lead to potential exposure as well. There’s also an increased risk of spear-phishing attacks succeeding against “newly remote” workers, who are used to more direct interaction with their superiors or IT support staff in the organization. Without a more regular cadence of direct interaction, the chance that a spear-phisher can dupe a user into providing their access credentials goes up. It also means that risk-assessment systems, which look at access patterns, could be presented with a significantly different dataset in terms of where users’ access is now coming from.

Poremba: What should IT departments be doing to ensure digital identities are secure? And what should the workers themselves be doing?

Shorter: Organizations should review their remote access systems and configurations to ensure that they are sufficiently scalable and secure to handle a prolonged period of extensive remote work. Some organizations are falling back to partial onsite/work from home shifts, either due to security reasons (workloads that just can’t be used remotely) or network load reasons.

Poremba: Any other important thoughts to share on this issue?

Shorter: Properly authenticating external users and their devices to the applications and data that they need to use has never been more critical or had a need to run at such a scale. Organizations that have adopted a cloud-first strategy will likely have an easier time with this effort than those that still have significant on-premises infrastructure. The good news is that many cloud-based technologies can be brought to bear very quickly to help meet technical shortcomings that become apparent as mass work-from-home initiatives swing into place.

Sue Poremba


Sue Poremba is a freelance writer based in central Pennsylvania. She's been writing about cybersecurity and technology trends since 2008.