At ExtraHop we spend a lot of time discussing the connective tissue between all things in the Enterprise: the network. Yet, there's another overlay that defines the environment, identity. I remember my first foray into this realm working for a consulting firm specializing in things like Active Directory Federation and single-sign-on.
At the time my limited understanding of identity probably mapped to most people's. Can I remember my password and login information? And is my data secure? That was it. For many workers, security and identity go hand in hand and are often seen as a tedious impediment to doing their jobs.
What's Driving Identity Management Today?
An interesting thing happened though with the birth of the smartphone and its ascension to, as some would argue, the most important device in our lives; the consumer experience became so clean it forced a corresponding reaction by corporations. People wanted to be free to interact with their services without the encumbrance of a sea of passwords. They wanted to access critical information on the device of their choice, and they still wanted to make sure that their sensitive data didn't fall into the wrong hands.
In the consumer space, this created a rise of cloud businesses. In the corporate world, it meant either reliance on SaaS offerings, or rolling out your own solutions that could be delivered to a series of devices and a host of different user types. This however, placed an additional burden on enterprise IT as it added substantial complexity on the backend to deliver experiences users would love.
Around the same time this was occurring began the slow-but-steady transition to the digital experiences economy, which further raised the stakes. Not only were internal users with identities interacting with core systems, but environments were now being flooded with interconnected systems that needed their own identities to deliver essential services.
So let's recap:
- Expectations on the identity infrastructure have gone through the roof
- The burden on infrastructure and identity has grown substantially
- The impact technology is having on the business is multiplying
Identity Management Is Desperate for Your Attention
Given these three statements, we can all agree that it is critical to have a strong identity solution in place (and I didn't even get into the security implications yet). If it is so important though, just how important is it to monitor it? You would think the answer would be obvious--very obvious--and yet, what we're seeing in the market could be described as a flagrant disregard for maintaining this identity infrastructure. Need proof?
According to FireEye, an ExtraHop partner and security vendor who would know a thing or two about this space, the average breech isn't detected for 146 days. There are whole businesses set up around just rotating passwords. As if playing a shell game and limiting exposure is enough to protect organizations. Insider threats and massive breaches are in the headlines with alarming regularity.
You see, having Active Directory policies in place, monitoring logs, having a SIEM solution in place … these are not enough to protect an organization from the disastrous effects of the necessary access being used instead as a weapon to compromise and bypass security layers.
This is why there is an urgency to create an identity framework that includes monitoring, and understanding, network behavior. It's not enough to understand what identities are in use, or how stale their credentials are, you also need to understand what they are doing with those permissions, and that means having a solution in place that can monitor all other types of traffic as well. This is an area of focus here at ExtraHop and our contribution to helping organizations secure not just their perimeter, but everything that falls within the walls.
With that said, take a look at this whitepaper, "Strengthening Identity Infrastructure with Better Visibility & Vigilance." In this paper, we'll walk you through establishing an identity framework and discuss ways you can bring visibility to every aspect of your environment, including the identity infrastructure.