Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Identity & Access Management · Speak to our Identity Experts on U664 0800 0443091...
Identity & Access Management: The ‘silver bullet’ against employee phishing?
Michael Newman, CEO, My1Login
Best Identity Management Solution
IAM Solution of The Year
IAM Award
International Contribution to Cyber Security
Agenda
1. Phishing : Success Rates and Impact
2. How Organisations Currently Attempt to Tackle Phishing
3. How to Leverage IAM to Defeat Phishing
4. How My1Login Can Help
5. Take-Away Actions
© My1Login Ltd 2007 - 2019
Phishing : Success Rates
Key Findings
• Phishing was involved in 90% of successful attacks.
• 4% of people will click on any given phishing campaign.
• The more phishing emails someone has clicked, the more likely they are to do so again.
• It takes 16 minutes until the first click on a phishing campaign. The first report from a savvy user will arrive after 28 minutes.
The Problem – Why Now?
81% of Data Breaches are Due to Passwords*
*Source : Verizon Corporate Data Breach Report
Current Identity & Access Management Solutions Don’t Work with All Apps
Therefore Users Still Have to Manage a Number of Business Passwords
45% Growth in Hacking & Phishing Over Last Year
GDPR & Compliance Fines are Increasing: £ 4% of T/O
Passwords are the Most Common Cause of Data Breaches
• Cyber-Security Risk
• Compliance Fines
• Direct Cost – Helpdesk Password Calls & Inefficiencies
GDPR has moved Identity & Access Management from a “nice to have” to a “must have”
Identity Sprawl due to Disparate Application Types
Web Apps, Mobile Apps, Thick-client Apps, Flash Apps, Virtualised Apps, I-Frame, Bespoke In-House Apps
[Diagram labels: Expenses, Active Directory, Training, Appraisals, Thick Client Apps (i.e. RDP), i.e. mainframe, Shadow IT, Unknown Apps]
The Problem
Insecure User Password Practices
• Weak passwords that are easy to remember
• The same or similar passwords
• Weak password practices
• Business has little control over passwords in use
• Employees have too many passwords to remember
Employees’ Solution? YourCompany01, YourCompany02, YourCompany03, YourCompany04
Common Types of Phishing Attack
Deceptive: Sending a deceptive email, in bulk, with a “call to action” that demands the recipient click on a link.
Web site redirection: Create a web site which looks like a company web site and wait for users to enter their login details.
How your staff respond to suspicious emails is often one of the last lines of defence. Industry breach data shows us that phishing is successful and plays a part in most breaches.
How Phishing is Currently Tackled
Anti-Phishing software at network level - attempts to detect known phishing senders etc and prevent these from reaching end-users
Web/Content/Mail Filtering/Antivirus
Education and security awareness Training
Risk reduced but still significant
How Can Identity & Access Management Eliminate Phishing?
Each user has a lot of business passwords – probably more than you think
How happy are you leaving employees to use their own methods to manage these?
Why not use an IAM that’s capable of integrating all of their apps with Single Sign-On so they don’t have to remember or manage the passwords?
Once the user logs into the AD they’ll get secure access to all their applications without needing to remember passwords.
But How Can that Stop Phishing?
Once the IAM solution is managing users’ passwords to provide Single Sign-On, configure central policies on the IAM that force changes to users’ passwords on the ‘target’ applications
For instance, let’s say you store customer records in a cloud-based CRM that is protected by user passwords:-
Old User Created Password : YourBusiness01
Forced Password Update Generated by IAM : BiALw@mPGinz&]0Az{U<Id2u(+wM)/
Take this further by setting a policy on the IAM that hides the newly generated passwords from the users
Users don’t need to know these passwords since the IAM provides SSO linked to their AD profile
If the users don’t know the password for the application, how can they be phished for it?
**************************
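The policy described above, sketched as an added example (not My1Login's code and not part of the original slides): a random 30-character password, the same length as the slide's sample, is generated for the target application, stored where only the SSO component can read it, and every rotation or release is logged against the AD user. The class name, policy dictionary, user and app names are all assumptions made for illustration.

```python
import math
import secrets
import string

# Hypothetical policy for one target application (all names here are assumptions).
POLICY = {
    "length": 30,
    "classes": [string.ascii_lowercase, string.ascii_uppercase,
                string.digits, "!@#$%^&*()-_=+[]{}<>/"],
}

def generate_password(policy=POLICY):
    """Draw from the OS CSPRNG until every required character class is present."""
    alphabet = "".join(policy["classes"])
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(policy["length"]))
        if all(any(c in cls for c in pw) for cls in policy["classes"]):
            return pw

def entropy_bits(policy=POLICY):
    """Approximate entropy of a uniformly random password under the policy."""
    return policy["length"] * math.log2(len("".join(policy["classes"])))

class CredentialStore:
    """In-memory stand-in for the IAM vault; a real one encrypts at rest."""

    def __init__(self):
        self._secrets = {}   # (ad_user, app) -> password, never shown to the user
        self.audit = []      # events tied to the AD identity

    def rotate(self, ad_user, app):
        # A real IAM would also submit the new value to the application's
        # change-password function; that step is out of scope here.
        self._secrets[(ad_user, app)] = generate_password()
        self.audit.append((ad_user, app, "password_rotated"))
        return "*" * POLICY["length"]      # the only thing the user ever sees

    def credential_for_sso(self, ad_user, app):
        """Called by the SSO component, not the user; every release is logged."""
        self.audit.append((ad_user, app, "credential_released_for_sso"))
        return self._secrets[(ad_user, app)]

if __name__ == "__main__":
    store = CredentialStore()
    print(store.rotate("jsmith", "crm"))            # constructed user and app
    print(f"{entropy_bits():.0f} bits of entropy")
    print(store.audit)
```

With the 83-character alphabet used here, a 30-character password carries roughly 191 bits of entropy, far beyond anything a user would choose or memorise.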
Phishing Email and Spoofed Website
Leveraging My1Login’s IAM to Tackle Phishing
Key Benefits:
• Enforces Policies to Ensure Strong Passwords
• Enables Replacement of Passwords with SAML Where Possible
• Detects Shadow IT
• Provides SSO into all types of Application
[Diagram labels: Privileged Password Manager, SSO for Cloud & Mobile, Multi-Factor Authentication, User Account & Application Provisioning, Self-service Password Reset, SSO for Windows Desktop]
Discovery of All Applications
My1Login can “Auto-Discover” the Apps Being Accessed by Users and Automatically Integrate these with Single Sign-On
• Detects “Shadow IT” and puts IT back in control of cloud apps
• Make simple policy decisions to integrate or exclude these from the IAM, i.e. for included apps, the user will benefit from SSO next time they access the app
• Automatically links Identities for cloud apps to the corresponding Active Directory user
Leverage your IAM to ELIMINATE PHISHING risks – How?
Set policies on My1Login that auto-update users’ passwords on web applications (and then hide these passwords from users)
Set Policy to Change Passwords
• Pro-actively protects cloud apps with random, high-entropy passwords
• Users no longer need to know their passwords – they are linked to the IAM and their AD profile.
• Audit trail linked to AD user satisfies non-repudiation of access
• Takes password management out of the hands of users – places the business in control
If the users don’t know the password, how can they be phished?
Additional Benefit: SSO for All Apps with No Training Required
• Choose between seamless UX, portal UX or hybrid UX for IAM based on preferences
• Roll out IAM company-wide using AD Group Policies
Seamless User Experience: No Portal, User Launches Apps As Usual – IAM Authenticates
Portal User Experience: Offer Users An App Portal for Web and Windows Desktop Apps
Additional Business Benefits of IAM
PRODUCTIVITY
• Saves up to 1hr Per Week Per User
• Significant reduction in admin effort
• Easy to use – no training required.
COMPLIANCE
• Audit trail of user access to applications
• Controls around access to systems and data
• GDPR, ISO, PCI
SECURITY
• Eliminated weak passwords
• Eliminated insecure password sharing
• Context-based user access
• SSO without revealing credentials
• Instantly revoke application access from one place.
My1Login’s Identity & Access Management Solution – The Customer’s Perspective
Watch the full, 4-minute video at www.my1login.com
Some of Our Customers
Sectors: Public Sector, Energy, Financial, Retail, Construction, Hotel & Leisure, Other Sectors
Awards
• International Contribution to Cyber Security
• Best Cloud Computing Security Solution
• IAM Solution of The Year
• Cyber Security Product of The Year
• IAM Solution of The Year
• Editors Choice
• The “One to Watch” Security Company
• Cloud Security Product of The Year
• IAM Award
• Best Cloud Security Product
• Best Security Product
• Best Security Company of the Year
• IAM Award
• Best Identity Management Solution
• Best Identity Management Solution
Take-away Actions
• The current approach to tackle phishing is not enough
• Use your IAM to audit and discover the cloud apps being used
• Ensure your IAM Solution can automatically update passwords and hide them from users so they can’t be phished
Visit My1Login at Stand U664
Looking for more advice?
Speak to our Identity Experts on U664
0800 0443091 [email protected]
Thank You and Questions
“Global Leader in
Identity Management”