Lalit-Popli,-COO,-ARCON,-shares-insightful-observations-in-a-webinar-focussed-on-BFSI-Sri-Lanka

Unsecured identities and unmonitored user behaviour leads to Cyber Catastrophe

After several cyber incidents in the island nation, the Government of Sri Lanka proposed the CyberSecurity Act under the National Cyber Security Strategy of Sri Lanka, finalised by Sri Lanka Computer Emergency Readiness Team (SLCERT). It is a comprehensive framework to prevent and mitigate cybersecurity threats effectively and safeguard critical information across various industries.

In order to ensure a strong and secure economy amid the global pandemic, Sri Lanka is not behind in Cybersecurity preparedness. ARCON has witnessed strong demand for data security solutions especially from the BFSI segment in Sri Lanka. ARCON has a good track record in the country with a flourishing partner ecosystem. As travel restrictions continued to limit our travel, ARCON thought to reach-out to the audience via info-sec focused webinar.

ARCON COO Mr. Lalit Popli, an Infosec veteran, decided to share his views on ‘Identity, Behaviour and InfoSec in BFSI domain’. The webinar was on 18th November 2020. The objective of the session was to disseminate how ARCON robust solutions play a key role in securing privileged identities, monitoring users, and preventing data breaches.

 

Here are the key takeaways from Mr. Popli’s presentation to the audience. 

 

A] Identities

All of us have our own identities – there are separate names, gender, age, birth origin and so on. From an Information Security perspective, identities are the digital versions of real users in the form of accounts that grant access to the critical systems, applications or databases. The number of identities have grown over a period of time specially in the last decade after mobility, business automation, digitization and the recent WFH conditions are adopted by organizations.

Now, lots of ‘identity chaos’ happens when the number of users grows uncontrollably and there is hardly any track of the number of their activities. It leads to multiple repositories of identities, multiple IDs, multiple passwords and eventually security vulnerabilities. Adding to the concerns, if these are privileged IDs, then the risk is higher as these accounts are the gateways to confidential business information. On many occasions, privileged IDs are created on an ad hoc basis and are forgotten to revoke the rights even after the tasks are accomplished. This multiples the risks of breach incidents.

In a distributed environment, large scale enterprises are continuously communicating with the on-prem and remote employees, customers, suppliers and partners. Internal and outsourced business collaboration can happen only when there are different identities for different departments and roles of the users. The risk grows exponentially as chances of suspicious third party access and unauthorized access increases. To maintain business continuity, customer satisfaction and cost competitiveness, organizations end up compromising on IT security aspects which results in cyber catastrophe. 

 

Challenges

The major types of challenges that organizations face in this scenario are as follows:

  • IT administrators: Unsafe sync scripts and too many users and account admin rights requests
  • Developer: Redundant code in each app and rework code too often
  • End-users: Too many passwords to remember and long waiting hours for access to critical apps/ systems
  • Security/ Compliance: Too many orphaned accounts and limited auditing ability
  • Business Owners: No control over the day-to-day IT tasks

 

Solution

ARCON | Privileged Access Management is a best-in-class globally acknowledged solution Identity Management and Privileged Access Management. ARCON being a pioneer in this solution is trusted by more than 500 enterprises across the globe and Sri Lanka is also included in the list. ARCON | PAM (Privileged Access Management) builds a robust security shield around the IT ecosystem with an array of features. It includes Granular level access control, Single Sign-On, Auto-discovery of accounts, Onboarding of accounts, Multi-factor Authentication, Password Vault, Just-In-Time Privilege, PEDM (Privilege Elevation & Delegation Management), Session Monitoring, Audit trails, Virtual Grouping, Live Dashboard, Customized reporting with Text & Video logs.

 

B] Behaviour 

Today, user behavioural security has transformed the definition of IT security altogether, especially after the advent of remote work conditions due to the global pandemic. The myth of risk-preventive security is busted and organizations have started to adopt risk-predictive technologies which are more convenient and result-oriented. Monitoring the trustworthiness of the users is the newest and sophisticated way of securing data assets. This has necessitated a Zero Trust Security framework in many global organizations.

The major challenges of user behavioural threats are malicious insiders, unauthorized third parties and suspicious business stakeholders. In the last few years, most of the global data breach incidents are happening due to malicious insiders. ARCON | User Behaviour Analytics (UBA) has transformed the definition of IT security today. It has the ubiquitous AI-ML component that understands the behavior pattern of the end-users  or any deviation from the baseline activities and considers it as anomalous behavior, and flags to the administrator immediately. In this pandemic situation, organizations are badly in need of a solution where there is seamless monitoring of the users and the activity patterns. ARCON | UBA is the best-fit solution with a school of features.

  • Session Monitoring enables recording of all end-user activities in real-time
  • User Restriction restricts any specific activity (apparently irrelevant and suspicious) of an user
  • Privilege Elevation mitigates malicious activities and prevents data breach threats by avoiding large number of privileged users
  • ARCON | UBA empowers enterprises to meet various compliance requirements such as EU GDPR, PCI-DSS, SOX, HIPAA, SWIFT and others
  • Live dashboards help IT administrators to continuously supervise IT operations and governance
  • Dynamic Report strengthens security and compliance framework by generating dynamic reports to detect misuse of privilege rights

 

C] Information Security: More solution

Information is omnipresent and ever-growing. Hence, it always allures malefactors to inflict more illegitimate activities on the IT environment to take hostage of enterprise data assets. Mr. Popli highlighted that for the last few years Sri Lanka has been subjected to several cyber incidents. At the same time, there has been a sharp decline in the attacks compared to the last 10 years. The organized cybercriminals, compromised third party users and malicious insiders are always behind sensitive information for unlawful purposes. ARCON | PAM and ARCON | UBA takes a pivotal role in reinforcing robust access control mechanisms and safeguard confidential business information from nefarious activities.

Besides, ARCON | Endpoint Privilege Management (EPM) solution grants just-in-time privilege to access business critical information. It helps endpoint privileges to allow access only on a “need-to-know” and “need-to-do” basis. The access rights are revoked immediately after the task is accomplished. ARCON | EPM bridges the security gap between unmanaged endpoints and IT administrators and thereby helps to reinforce Zero Trust framework with the help of several features such as – 

  • Centralized Policy Enforcement
  • Privileged Elevation on-demand
  • Priority-wise profiling
  • Application Security
  • Fine-grained Control
  • Audit Trails and Reporting

 

Conclusion

Today Sri Lanka has become one of the vibrant economies in the sub-continent. IT risks always linger around industries that are experiencing rapid digital growth. Modern technologies are appreciated and adopted as per circumstantial demands. Therefore cyber security preparedness is a must to mitigate cyber catastrophe.

Mr. Popli while drawing conclusions also answered the queries raised by the attendees and promised more Sri Lanka-specific webinars for the IT security community in the island nation looking forward.