sb-as logo
Story image

​​​​​​​The growing importance of digital identity in a COVID-19 world

02 Oct 2020

Article by Ping Identity country manager for A/NZ Ashley Diffey.

As businesses figure out how they will function in the months ahead, many are realising the vital role that will be played by digital identities.

With many staff still working from home and customer interactions occurring online, being able to reliably identify people is critical for maintaining the security of applications and data stores.

For many organisations, this requirement comes as no surprise. They’re the ones that have embraced a strategy of digital transformation and have in place the platforms needed to support day-to-day activity.

For others, however, the road ahead is much steeper. These organisations need to find a way to cope with employees working from home while also maintaining productivity and customer service. They’ll have to undertake digital transformation from a standing start.

Adopting a strategy of zero trust

The businesses that succeed and flourish in this new environment will be those that have taken an open approach to their IT infrastructures. Rather than using the traditional strategy of locking systems behind firewalls and allowing VPN-only access, they’re making things more straightforward for staff, clients and suppliers. They’re adopting a zero trust strategy.

Zero trust turns traditional security models on their head. In the past, organisations believed that if their IT infrastructure’s perimeter was protected, bad actors would not be able to gain access.

In 2020 - and particularly in a COVID-19 environment - such an approach no longer makes sense. High-performance, reliable access to systems is now needed by users more than ever before.

Also, rather than being an old-style walled garden, most organisation’s IT infrastructures are likely to comprise a mix of on-premises systems, cloud resources and SaaS applications. Building a wall around everything is not practical.

Core to the concept of zero trust is digital identity. Organisations must have a failsafe way to accurately identify everyone before allowing them to access the application or data store they have requested.

Effective security for APIs

Digital identity is also essential when it comes to maintaining control of Application Programming Interfaces (APIs). Used to link applications both within an infrastructure as well as externally, APIs have come to underpin many transactions in an increasingly digital world.

Just as knowing the identity of people wanting to gain access is important, it’s also needed for APIs. An organisation must be sure that any request for or delivery of data via an API is coming from an authorised source rather than a cybercriminal.

For this reason, the digital identity platform becomes the centrepiece of a practical security framework. It must be able to consistently and accurately establish credentials and prevent access if those credentials are not validated. If an ID platform is not in place, breaches will occur, and bad actors could gain access and cause damage or data loss.

Ongoing vigilance

As well as having an identity platform in place, many organisations are also deploying tools that monitor data traffic flows and look for abnormal behaviour. AI algorithms can learn what constitutes ‘normal’ behaviour and then trigger an alert if something unexpected occurs.

This might be an individual who suddenly starts spending more time with a different application or transferring large volumes of digital documents at an odd time of day. Alternatively, it could be API calls that request data from an unusual database or deliver some unexpected responses to outgoing requests. Having such monitoring capability in place further strengthens security in a zero trust environment.

By placing a digital identity platform at the centre of their IT infrastructure, organisations can deliver the anytime, anywhere, any place environment that their users require when working remotely. The organisation can also offer customers and suppliers digital access, confident in the knowledge that they are legitimate people and are acting transparently.

COVID-19 may have caused a lot of disruption to business, but it may also spur many to improve their IT security through effective use of digital identity – and that’s a good thing.

Story image
COVID-19 crushes fingerprint reader market
However, the biometrics market is expected to regain momentum with alternatives already beginning to find their feet.More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
Gartner reveals the top strategic tech trends for 2021
“CIOs are striving to adapt to changing conditions to compose the future business - this requires the organisational plasticity to form and reform dynamically. Gartner’s top strategic technology trends for 2021 enable that plasticity.”More
Story image
BlueVoyant acquires Managed Sentinel, builds out Microsoft MSS offerings
“Combining Managed Sentinel’s Azure Sentinel deployment expertise with BlueVoyant’s MDR capabilities will help customers operationalise and maximise Microsoft security technologies."More
Story image
Palo Alto Networks extends cloud native security platform with new modules
Palo Alto Networks has announced the availability of Prisma Cloud 2.0, including four new cloud security modules, thus extending its Cloud Native Security Platform (CNSP). More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More