sb-as logo
Story image

Interview: Ping Identity exec on why security system updates are critical during COVID-19

As organisations and businesses settle into lockdown and get used to working from home, many are discovering that the peripheral issues that were put on the backburner are now being thrust into the spotlight as the drawbacks of remote working kick in.

One of the primary issues cropping up in businesses across the world is cybersecurity – how to get employees to work productively from home while also safeguarding the company’s IT security posture, which becomes vulnerable as soon as workers go remote.

Though it’s been around for a while now, cybersecurity experts are advocating for zero-trust and identity-centric security models more than ever now that new threats are emerging in conjunction with this new wave of remote working.

Techday spoke with Ping Identity country manager for A/NZ and Japan, Ashley Diffey, on how zero-trust is favourable over perimeter-based security, and what the changes in work mean for businesses in a post-COVID-19 world.

Why should perimeter-based security models be scrapped in favour of an identity-centric model?

What we’re living in at the moment is the culmination of roughly 20 years of evolution mobiles, cloud and applications all impacting how people connect into the corporate environment.

Going back to the early 2000’s, data centres were in a physical place and the traditional architecture had a strong perimeter around it to stop anyone coming in.

But now, with the proliferation of many different mobile devices and applications needing to connect to systems, traditional architecture is no longer viable.

For example, I could have all the architecture in the world to lock down my environment, and provide access to people who meet certain requirements. 

But if I’m a bad actor and I can impersonate someone with these requirements, then these measures no longer serve their purpose.

This is why we see identity as core to security. Verifying identity, rather than granting access based on certain other requirements is very important.

How important is it for IT professionals to prioritise updating their systems, especially security systems, in the wake of the pandemic?

Large organisations in particular have been hesitant to change or re-platform security and access management systems, because these are inherently critical infrastructures and core systems, so there is a degree of risk.

But the companies we’re working with have reduced that risk by using Ping Identity.

We’re helping them to build future-proofed platforms that can adapt and establishing really clear controls for employees handling customer data.

We’re continuing to see more applications in the hybrid environment space in the legacy on-premise space.

Working with customers on these platforms is a key differentiator for us in the market. 

What do you think the wider implications of remote working will be?

I’d like to see the good that has come from the change continue. For example, giving people greater flexibility around how they interact with their business.

Accelerating technology and systems that we thought could possibly work, now we’re actually testing these systems and finding that that they actually work.

People will work more from home and have more flexible hours, and employees will have more freedom to say they prefer working from home.

But they’ve got to get their identity and access authentication right first, or it’s not going to work.

A lot of companies are realizing that if they don’t get their digital footprint right in this critical moment, then they won’t be here in the long term.

It’s really been a catalyst for change. We won’t ever go back to exactly what we had before – we’ll continue to move on and evolve.

Story image
IT leaders fear increase risk of cyber attacks while working from home
More than 80% of IT leaders believe their company is at a greater risk of cyber attacks when their staff are working from home, according to new research. More
Story image
Five security challenges for the Enterprise of Things
Many enterprise networks aren't adequately managed, creating risk for businesses that don’t have full visibility into all of the devices on their network, writes Forescout regional director for A/NZ Rohan Langdon.More
Story image
Microsoft brings endpoint & Azure security under Microsoft Defender
Microsoft Defender brings Microsoft 365 Defender and Azure Defender under the same umbrella.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More