The vast majority of cyber breaches leverage compromised credentials. Multi-factor (MFA) is a critical security measure for verifying a user’s identity, and yet many sensitive systems don’t use MFA. Why is that?
At this year’s RSA Conference in San Franciso, I went about looking for an answer to that very question.
One of the companies I spoke with was Silverfort. Silverfort was named a Gartner Cool Vendor in Identity and Access Management, so I was particularly interested in their perspective on this subject.
I had the pleasure of speaking with Hed Kovetz Co-Founder & CEO and Dana Tamir VP Market Strategy at Silverfort. They describe Silverfort as an RBA (Risk-Based Authentication) vendor.
We talked about the dangers inherent in today’s work from home culture. In light of all that’s happened since my conversation with Hed and Dana, their comments are even more relevant.
At the time of the RSA Conference, late February 2020, the Coronavirus was still in its infancy, at least in the U.S. While China and Europe were in a severe struggle, there were only 35 confirmed cases in America.
How different the picture is now. As of this writing, commerce and industry across the entire globe have ground to a halt. Outside of emergency services and other critical sectors, those fortunate enough to still be working are doing so from home.
The threats associated with keeping systems and data safe by protecting user credentials have skyrocketed right along with the spread of the virus.
Hed addressed the question of why many sensitive systems remain unprotect by explaining that, “Current MFA solutions are intended to protect individual assets or gateways. They are often challenging to deploy because they require software agents, proxies, or complex integrations with each system.
“Also, many systems don’t support MFA at all. Cloud IoT and personal devices are transforming corporate networks and erasing their traditional perimeters with many connected systems and devices. Protecting them one by one is no longer possible.
“Silverfort introduced the first next-generation authentication platform seamlessly, delivering adaptive MFA across all sensitive assets without requiring any agents, proxies, or local configurations. Thanks to its unique agentless technology, Silverfort monitors and analyzes all access requests to any system and resource both in the cloud and on-premise, enforcing adaptive authentication policies on top of existing authentication protocols.”
Silverfort’s AI-driven risk engine monitors 20 to 50 times more access requests than any other authentication solution. It analyzes the behavior of all users and machine accounts, stepping up authentication to block threats in real-time. Silverfort enables enterprises to use identity as their new perimeter, paving the road towards zero trust security without modifying their networks. Silverfort’s platform protects any sensitive system, including those considered unprotectable until today. From homegrown applications and critical IT infrastructure to financial and healthcare systems, databases, file shares, even IoT devices.
Dana built on Hed’s comments, saying, “Having MFA only on your VPN today is not enough. Many employees are now connecting from home, some of them using corporate devices like laptops or maybe even desktops, but many of them use personal devices to connect to the network. You can’t know for sure that these devices are clean from malware and safe.
“The question becomes, what happens after the employee connects to your network? Do you have a way to trace the access that that employee is obtaining? Do you have a way to validate if those are legitimate access requests or if something malicious is taking off?
“What we see today is that many organizations rely only on perimeter security. What Siverfort does is enable you to extend your multi-factor authentication beyond the perimeter to any access, whether it’s on-premise or whether it’s in the cloud. No matter the application, whether it is a homegrown application or an IoT device.”
So, why are too many sensitive systems still not using MFA? Traditional MFA solutions are difficult to deploy. They require software agents or proxies. They often require a custom integration with legacy systems. Our work environments and IT infrastructures have evolved.
Our world is changing at breakneck speed. New ways of looking at security are needed. Allowing for the realities of remote workers with BYOD and addressing these new paradigms from an MFA perspective is essential for protecting digital assets.
This sixteen-minute Youtube video does an excellent job of explaining Silverfort’s value proposition. Take a look!
Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.