How Can I Sign Hawaii Banking PDF

How can i industry sign banking hawaii pdf safe

[Music] welcome to our cooking a cold webinar working from home it's not secure without an effective I am my work from home scenarios will network was very strong identity in Access Management back end this webinar are supported by managed engine a division of solo Corp speakers today are they ready who is senior Technical Evangelist at man attention and me marking clipping her I'm principal analyst at Co vehicle before we started some quick information about some of this stuff which is upcoming at coca-cola so we have a series of virtual events our KC life events and the next one will be next week on Thursday about customer identity and marketing automation then we will do one early August on future of digital identity selfs or any entity and verifiable credentials and one on privileged access management mid-august all these events are for free so don't miss them register for these events have first one full day of interesting content keynotes panels best practices and so on the mouse keeping for the webinar we are controlling audio centrally so you don't need to care about death we are recording the webinar and we will make the podcast available short term and we also will provide the slide x4 download so yes they will be available and then they're secured a session at the end you can add the questions at any time I always recommend doing that so once you have a question Lander it because then we have more questions for lively and interesting Q&A session having said this let's have a look at the agenda the agenda for today is for most of our webinars split into three parts the first part I will look at the impact the current crisis and IT specifically from a perspective of what's and what not to do and how it is effects um security and why identity and access management is so essential for supporting work from home effectively and my main focus there will be on measures that can be taken immediately without complex technical deployment so this will be my as part of the session and then play ready from so Corp manager and we'll talk about the details so he will good and more into the details regarding I am capabilities which can support remote working at scale and then as I've already mentioned the third part we will tour Q&A session so feel free to enter your questions now so let's get started and I would say some work from home today is the new normal it depends on duration depends on your organization on your job but rock from home is a new normal and while people probably will have a mix of work from home and work in the office there will be more work from home then we had father crisis we will never go back to that former normal where for many organizations work from home was the exception so this is what I expect to see and another new normal is zero trust so this concept of don't trust verify so don't think you know I have a layer of protection or parametres and I have firewall and I'm secure no this will not work that doesn't work for quite a while and if we're honest but we need to verify we need to verify the device we need to verify the identity and apparently this is obviously things about identity and access management we need to verify the access entitlements and cetera not only once but repeatedly zero trust is a well-established concept and it will play and has to play an important role of our cyber security because work from home works best with zero trust paradigms so in work from home we have this scenario of people not only working from remote over networks we don't have any control about but many workers also use bring-your-own-device devices so to speak they use their own devices and so we have lesser control frequently and we also that also one of these observations and one of the things where everyone probably has heard about is that various services specifically for for remote collaboration had a very much a very big uptake in usage during the crisis so there's the device there's the service and it's not that everything happens was in the parameter him anymore so we need to shift to a sinking which is accepting that there are that there is bring your own device that people work remotely that they access cloud services and that we need out of paradigms that don't sink in a parameter protected ID so work from home works best with sirak crust and following this your trust program so we can't trust the advice here was pre your own device grant thrust the network because can be every Network we must assume breach does something anyway need to assume sir breach I think it's also some sort of a new normal everyone every device potentially it's under attack and so we need to take this into account we need to consider that so we need to verify we need to verify is that the user using a device he already has been using etc we need to go to this verification and so work from home and see where trust that's out to very tightly related let's call the paradigms or concepts there's Louis they're limited touch points for security compared to traditional ID where you sit on your desktop computer within your organization's in the office and use the internal network it's very different but we can do a lot here we can identify the user if we have an adequate approach for authentication we also can identify the user if the approach is not that good but you are we are obviously more secure when we have a good strong a multi-factor authentication management of endpoints relishing Esprit your own device because there are little constraints etc there are ways to to for instance used in a virtual desktop on the device and but it's also that device fingerprints bring in some level of security and we can use our concept so we need to think about what is adequate to our work scenarios to accept and accept that there might be other devices and use than we had in the past the network there's no controller button network unless the part of the trends about about York over a network yes we can set up some sort of virtual private networks with a lot of challenges that might be charges and performance that might add complexity so noise important thing is to ensure that our communications come it's encrypted end-to-end that would be the best yes we all know that there are things for a better and things that don't work that perfectly well but focus must be on encryption and the systems and applications regardless whether they run on premises or in the cloud we can harden that's more for young for your on-premise / hardened systems we can apply measures here but what we actually always can do in Mass 2 is controlling who can do what who's analyzing who is doing what do we have anomalies do we have outliers so we need to look at these and then there's sISTAR the data and what we must do is we also must implement data governance so not only application security access controls within the application but also data governance is starting to protect data and these are the things we need to look at in today's reality of people working from home or from the office or from somewhere else with whichever device and with occasions and systems running sometimes on premises and sometimes the clock so it goes beyond work from home but work from home and changes we've experienced over the past couple of months are driving these trends for Identity Management has some logical touchpoints was from home on zero trust so when we take this user users device and excesses wire the network systems where applications were side and then uses the data processes the data then there are a couple of points were identity in Access Management is specific relevance it is the authentications that it's the management of users directory identification or verification management lifecycle the authentication there is a typical domain of identity and access management and there's a loop 2 dy authentication of the device and the authentication that the device or education itself there's the device ID and there's then the relationship management so it is which devices are assigned to which users of which are that users devices and that is there's this notion of identity relationship management where it's about understanding the relationship between users between organizations other users devices things etc so mapping there's an understanding in the authentication process ok this is a smartphone of Martin cooping er is part of what we cover in a tent in Access Management at the level of systems and applications we have access controls we have our standard management of access our access governance with the authentication we have to also receive in all these technologies in place and we also can implement access controls of the data level for instance in databases on file systems but also information protections approaches which help us really applying access control directly to documents other types of data and exit allowing only access following this including which is part of that including the encryption required here so there's a very logical relationship financing access management was work from home and zero trust um identity access management is a key element maybe the key element for security in work from home and the key element within zero trust zero Trust is far far more about identity management then it's about traditional network security so when we look at this question is what can we do and what should we do in at the end and we still are in a mode where in many organizations a lot of people don't work in the office they work from home so we are in some areas restricted we might have financial pressure budget restrictions so what should we do now and how do we should be in Westland here are some more generic rules on that the first thing is never in panic mode or in headless chicken mode them even when things are fundamentally changing think about what is the best way to solve a challenge keep a clear mind and don't act in panic I've seen so many specifically insecurities I've seen so many investments being done so to speak and in panic mode oh this our company got hacked or we had this incident here we must do something yes you frequently there is a need to do something but if you don't think about what you do best and doesn't really help it might be end up in a wrong investment and there's also need not to blindly trust so don't trust anyone lightly not even us not even the analysts we might also be wrong um step back and think about compare alternatives look at the benefits and also think about what is what you really can implement what you can manage etc so think about it also don't try to rebuild the way people are working for work from home work from home is different there's more online collaboration and if you look at the uptake of tools such as Microsoft team zoom and various others it's a different way of working and I think everyone who is spend some time and in the home office has learned that there are things that are different running a full day workshop remotely is nightmare you need to split it you need to make it different you need to find different ways so it is different and you need to change your work style and also adapt your attitude it weepy ants also in consequence of deaths so it's not about doing the same thing fast remotely really think about how your world will look devices cloud services and ask yourself the question is VPN really this is using it if then don't edit now there are a lot more modern options available select your technology carefully there are various options and you need to always need to think about can I can I manage this doesn't work for my people or are there better ways to do it don't over invest um there are so many new ways to work um look at these thing about what helps but be careful not to use too much not to spend too much and at the end it's always about educating there are so many changes to your teams the exam of them positives because people are what I've learned really really good in collaboration and adapting to that change but also the human factors the biggest security applauds you fly so you need to be careful at UK them but also sing accept that people have most people at least have a very good human sense so they understand this might be a security risk this thing and really build on that as well so in a cyber security perspective what are the things to do first the first thing is multi-factor authentication at all touches on a separate slide again @p wait now but inform people ahead now if you came okay this will change that's the way it works to explain then activate trequan sir endpoint protection is working it's easy on most operating systems to educate users how to check whether and tone protections on a positive green state keep things up to date automated patch management from my perspective is a it's a must so there the risk of patching is far lower than the cyber risks you're taking so today rarely something goes wrong respecting their acerbo is your residual risk but really it really causes problems while you have a constantly.i cyber risk train people in a simple way no length a certain go for five-minute videos do it regularly it's a better shorter frequent too long and boring and look at how to protect your data use the tools you're using to write wait go to data governance data control as well beyond just saying these are the access controls hood some if someone has a sorta KL syndicated it's enough go beyond that but the number one thing to do is multi-factor authentication it is a must so there's no way not to use multi-factor authentication from my perspective it helps you against phishing attacks it helps you to make things more secure there are standard features applicable you might use there are specialized tools there's a variety of options you have here for your devices check the fighter support in the creation fighters cool standard but inform you uses a hat so that they know what is happening and once you have a little bit more more time to sit down and think about where we are heading with the entire identity and security look at our concepts of identity fabrics and trust recently announced a the security fabric so put all this into a framework where you say what are my services my capabilities I need to connect everyone to consumer departmental employee the device the thing to all the services regardless veteran so which capabilities do you need which services you-you-you need for delivering these capabilities look at modern architectures which allow you to work with existing and with new applications which also allow you to support new digital services you build so which give you the agility but also the into creation and the hybrid support and those ones we call addenda fabric we have a ton of materials online videos and research documents around the identify break already this is then what is your bigger pictures or the first step right now not over investing focusing on the small steps which help you really making this work from home more secure and then the next step is sitting down and thinking about what are the strategic measures to take we stand on end at the end of my part of the presentations and I hand over to okay who will then go deeper into details of how identity management can help in work-from-home scenarios and why it's so essential to to work from all securely and efficiently wonderful thank you so much for setting the premise right for me marvin i'm giad ready i'm with the identity access management team here at manage engine we do quite a bit around identity access management and cyber security so there's Martin did set a very strong precedent for what I'm about to follow to today's session a couple of points that I personally found interesting based on what Martin made let me start with that and then quickly get into the agenda for the next 20 minutes so the whole idea of parameter being not a relevant thing anymore because you know as we speak users are working from home your office perimeter the one that you were absolutely sure about the one that you had 100% control over with your sim solution with your firewall so on and so forth is out of context as we speak so one quick observation that we've been trying to make Rikers how is the parameter taking a new shape user ide tities are becoming the parameter as we speak and that is going to be the precedent for the rest of the session guys what we've been trying to do is even during the call that Martin and I had you know last week we were trying to understand how to go forward with the whole presentation which is figure that there was this one question that kept coming back from a lot of people how do you do it at scale how do you you know get the whole process fast-tracked there's a lot of chaos as as of now as we speak so how do we streamline the whole process is the question right now and that's something that we want to address so what they've been doing here at managin is over the last hundred days or so we've been helping out organizations around the world and especially we've been helping them you know gold remote so we've set a remote task force team we've got about our 50 folks helping or the go remote and in the process we've been able to identify it certain common problems organizations face so while in the journey of going remote there are certain aspects that need to be covered in address and that's exactly what I'm going to be doing so I'm going to be sharing the learnings of our interactions with all the customers and all the companies around the world that have gone remote and what flowed blocks did they have and how did we essentially help them come over that is what we're going to be doing so as we go forward like martin rightly pointed out zero trusts can become the big deal or the need of the are as we speak because you know we've been talking about endpoint protection and so on and so forth now user identities are again endpoints right now as we speak when it comes to user identities there's always this big question because you know as we speak there are 10 or 15 new applications that get provisioned for every user who's working from home primarily the ones that are collaboration applications a lot of us must have just started using office 365 em or Microsoft teams or you know collaborating or one way of sharing data so on and so forth so how do we take control of that and answer that one question is it safe to trust our users because in my opinion the security of your organization is only as strong as the weakest link and in this instance the weakest link obviously is our users we were also trying to understand how BYOD is changing things users not just bringing their own devices they are very much bringing their own vulnerable piece to and attackers are very well aware of what goes with this whole shift in the landscape and that's why we want to take an address certain problems specific to enabling your users at the same time not at the cost of compromising security the biggest challenge as we speak this the whole problem of liquidating the security aspects of your identity you know you try to make it more accessible to users but you compromise security at that point so can we get that right balance and get the whole thing to scale so couple points that we'll be discussing essentially action items that you can go back and implement right away that was the agenda these were the ones that we recommended to our customers and we got them up to speed to remote work and that's what we intend to do with you as well so we'll start with our end users the ones who are essentially working at home or from home how do we enable them through the whole process yes educating them making small videos helping them understand how to go about the whole process is very very important and equally making the whole process frictionless is also important how do you enable self-service for your users is something that keeps coming up all the time because as we speak there is a tremendous surge in the dependency that your users who never have a contacted the IT team contacting day-in day-out so we'll see how self-service can make a difference we'll go a little further and touch upon a little in depth for what multi-factor authentication means and how do you scale with mfa martin did point out as to why mfa can be the game changer and foolproof in your system I probably drive a little bit deep and see how do you get the whole MF s at the foss here we go a little further we'll talk about single sign-on as not just an enablement tool but also from a security standpoint how can single sign-on reduce the number of interactions that your users essentially have with an IDP or an identity provider how do you keep that minimal how do you ensure there are lesser chances that something could go wrong we'll see and take a look at how single sign-on can scale we'll go a little further and talk about monitoring user activity now as much as it is important to keep a tab and enable your users it's also important that you know and have an eagle's eye view of what your users are working on what are they doing and how are they interacting with your sisters from two perspectives definitely from a security perspective the variables are many very many so we need to keep a track on them and also from a Productivity standpoint now that's definitely different take so how do you use your existing solutions to not just keep a table on security but also chef with the check if you can enable your users better to work productively and in the process optimize your resources as well how do you allocate them can you loan balance better those are the questions that we'll be answering and yes moves without saying there's a lot of shift of wantin shift that's happening towards Microsoft services like Office 365 and Microsoft teams so auditing them keeping a tab on them being able to analyze users activity on them is something that we'll be discussing true alright so that being said the first step for the day and one start with the action item is going to be self-service for your users so as we speak like I told you it's a seminary surge in the number of helpless tickets that your administrators in a health risk of facing it essentially you're on password resets in account unlock now you can't really blame your users because they don't have the provision to call up the administrator or walk up to an administrator as to how they be doing it while they were at work so tell you what guys as matter of fact do tend to make a lot of mistakes along the way and when we try to streamline the process things get a lot easier so setting up a simple self-service for your users is how you can install your remote work scaling and for most parts setting up an SSP are shouldn't be a big deal and educating your users is also not going to be a problem essentially because this is not the first time your users are being exposed to SSP are we don't call up Google or Facebook if they want to reset their passwords do they know you just get it done so how do you enable them and how do you reduce friction in the process of enabling them is what we'll try and understand yes goes without saying we need to empower them why are mobile applications as well can you do this at scale can you get them to do on the go is a question that we'd be answering so what are you simply to put where do users forget their passwords where do users lock themselves out it's the log on screen so why complicate the whole process of calling up the administrator why not give them the coercion to work at scale right at the log on screen and resolve their own problem was the idea a trial in our heads so we put together a simple module for sspr ourselves service password reset one of the most important aspects of managing your and then is effectively ensuring business continuity you don't want users to be stalled so you you do that right the logon screen and when it's our users you'd want to have as much as least friction as possible for your users all it has to look like is a simple button click and they'll have to get down that but in the background it's not as easy as it seems because your users are not in your organization we are in connected to your Active Directory what if they forget their passwords what if they lock their accounts out so all that we are asking for is a tool that would so as an interface between your users and your Active Directory or your identity platform anything for that matter so as that gateway that's going to also enable and at the same time secure the whole process of transacting all these Active Directory or identity related requests so when a user clicks on the reset password or account unlock all they will see is a simple validation page where it go through a couple of factors they'd not even realize it happens in a jiffy and 8360 the tool for managing that we've built especially for identity access management and helping a remote work does the job of weight lifting it takes the request it processes it it understands and authenticates the user release the request back to Active Directory gets the whole thing back the user overrides the cached credentials a whole deal of weight lifting happens in the background and all that your users see is as simple as this they hit reset reset works like magic they get going with your work so that is the kind of enablement that we should be looking at we will need to give them processes effortless and the first one that I recommend is setting up self-service for password resets and account unlocks major major problems for a lot of organizations that we've been working with help this ticket volumes are soaring sky and I because users keep consistently locking themselves out and forget their passwords this is probably the last thing that an administrator or gal just should have in their mind while they are trying to battle out a hundred other things while working remotely so with respect to support look for a solution that can give you the broad range of support like any VPN if you want to bring your own VPN you can very much do that so my first recommendation is essentially to get set and SSP are a self-service Password Reset a very critical one if you are looking to scale your remote work and enabling your remote users now that we've spoken about remote users what about what's happening with Ryan sees what about how attackers are trying to take advantage of the situation so now your users are more vulnerable and ever before because it becomes very very easy to socially engineer your users down the line I'm gonna be giving you and walking you through a personal experience that I had faced an email and malicious email that I had received so people are very much prone to you know click on links be baited socially engineered and attackers are trying to take the utmost advantage because you no longer have the backup of your organization's sim tool or your security school it's not working out your users are logging in from their home networks and we know how unsafe and unsecured and how many loopholes are there to crack through that so behavioral patterns is all that the attackers are looking for in one weak spot in your network or one user making one tiny mistake your entire network security can come tumbling down so we're trying to understand a couple of points I can yes Microsoft two went on to make this recommendation or an announcement a while back so this is very forthcoming of Microsoft is saying that it's becoming really difficult given the fact that how I build systems are set up given the fact that even if one touch point goes down even if one identity goes down it takes nothing less than two days for an attacker to compromise the entire domain admin credential that is quite scary it doesn't really stop try that that's the worst part and right after the attack we've been around in were you know remote working for almost about a hundred days here in India from where I'm presenting all right what if we weren't able to detect one of those attackers who's already in the system like Martin was pointing out be prepared for a breach understand and acknowledge the fact that we are under attack as we speak we've been working with a lot of customers and companies around the world and they've been targets to phishing attacks recently and it's been on the sword not just normal organizations even organizations like health care institutions that's quite disheartening the problem right here is there's a lot of chaos as we speak why users are working remotely there's going to be a lot of back-and-forth data transfer as such and attackers can easily get away without leaving a track exfiltrating data that's the most difficult part and a lot of senior folks cybersecurity professionals also agreed at this point breaches are taking longer to protect then how it used to be before while you're working from home so it all boils down to where do we draw that line how do we understand and acknowledge that we are possibly under the tracks as we speak as a soul there's a rise in terms of phishing attacks or mellow as being installed our users falling victims for these because we keep you know talking to people and all of them a lot of them fall prey for these codes of attacks they look like legitimate emails the attackers take enough care to make them sound absolutely relevant and absolutely right in clickbait your users end up thinking that it's the World Health Organization or probably the CDC sending out an email or an upgrade and not just that people are taking advantage of the attackers or taking advantage of the government policy so here in India about two weeks back what had happened was we had one of the biggest breaches that banking institutions in history of had what has happened is a big banking institution Domon banking institution it the attackers pretended to send out emails pretending to be the banking institution asking users to fill out a basic form to get a compensation from the government a lot of people fell prey for this before the government could get hold of the situation a lot of damage had happened why am I talking about all this so it all boils down to how do you enable your users to not and to do the right thing how do you get them not to click on links like this because the line between your work device and your personal device has completely failed if one of your users bringing their own device at clicked on a malicious email sent to a personal account doesn't matter even before you know that could percolate the malware could percolate into your corporate network as well so that is the scariest part as we speak a lot of account takeovers are happening as we speak a lot of business email compromises are happening as we speak time and time again there's been one layer of security that is protected so that has protected our identities which is passwords so what we're trying to do right here is to try to understand how passwords can be helping us going forward but we'll also have to appreciate and understand that they aren't good enough they end up in freight cost efficient profit even if they are stolen you can always reset where additional hardware these are advantages of passwords brought they've been there for a very very long and in fact in my opinion if I want to talk about let's say one of the common password policies Active Directory password policies there's not been a considerable update in the last two decades and that's a very big problem that we are facing so attackers are gearing up with the best-in-class tools to hit you and all you have is something that's called as a fine-grained password policy maybe the best version with what you can do with existing password policies it doesn't just talk with 80 I understand if it's 80 all other new identity platforms as well to have these known difficulties or challenges and this is publicly available information as much as how administrators and security folks are aware the attackers are equally prone and aware of the knowledge - so what do you do to ensure that you don't fall prey for this incremental passwords are a big problem because this password fatigue that is associated with it where your users end up setting passwords in incremental order so you ask them to reset their passwords because of an expiry all they do is get really smart just add a number to it so how many of us joining today with utmost sincerity tell our users don't have a password like password at one two three or I love you these are the common passwords they've been t e common passwords in 2019 and 2018 we way back and there's not been an upgrade that stops users from using such passwords so is the case with dictionary words a big pandemic or an info Demick if I would say is using it literally was how do you stop them and it goes without saying the whole deal with expiry the question whether expiry is good whether the regulations there are certain regulations like NIST that suggests otherwise so we trying to battle a very big problem with identity security with just one layer of password security and not to it isn't full-blown it is in foolproof that's the idea so what we thought was we'd build a layer on top of it stop users from using dictionary words that's the first basic recommendation that I have for you stop anybody from using any dictionary words at all your users cannot do that you go a little further stop them from using add-ons you stop them from using patterns like one three our keyboard was like you wer py get them to not use and the previously used password password history is something that you can have in your mind how do you stop them from using incremental passwords that way so a couple of basic challenges that we are trying to solve right here with the strength and also start looking outward beyond what your tools offer existing password policies are prone to attacks are error-prone so look for a solution that can strengthen your existing password policy one step further and in fact my recommendation to a lot of them is setting passphrases you the longer the password the more is the entropy the difficult that is going to be for the attacker to crack through not just that we've got an integration with Hawaiian pond so these guys do a good job in collecting all credentials that are compromised anyone any that was a compromising and attack in the past goes right into the database and your users cannot set passwords that are compromised so look at it as your first line of defense and existing password policies don't do a great job at solving that problem so it makes absolute sense to start with strengthening your password so as much as how is it important to set up self-service it is important to set up stronger passwords which is your first line of defense and in the process most of the time with stronger password policies is a little bit of friction we're trying to avoid that friction too and give them those requirements right where they'll be looking for right on their logon screen so the intention of self-service is to reduce password calls and we don't want password calls because people weren't able to set stronger passwords so give them that right there and along those lines along those lines of cause that helped us receives another big problem is account law cause people keep forgetting people keep locking themselves out so you would need to be able to get on top of your system back in the day back while you were at work it was easy to get on top of the system and understand where there was it a expired credential whether was it a service account using a stale credential what was it wrong network drive mapping but now while you're working remotely the parameters are quite unpredictable so you should at any given point them on top of your system be able to understand and analyze and call out whether was it a legitimate account clock up or was it a security problem so you will need to be on top of your system so in your identity management journey look out for account now code analysis as a critical aspect along those links like I told you account lock codes and password expiry s-- are a big problem but what if you can solve it by notifying users right on time so the Microsoft way of doing it is a pop-up and we know how effective pop-ups are users tend to never read a pop-up and it's not work ever so what we're trying to do is we're trying to get the message in as many places as possible tell them over an email tell them or a text message tell them or a push notification let them know that their passwords are about to expire let them know that their accounts are about to expire do that in phrenology do that one month ahead of time fifteen days ahead of time one we kind of time and you'd see great results over the last hundred days we work with hundreds of companies around the world and a lot of them we've implemented this and have seen a drastic reduction in helpless cause it could be a simple text message that could get the job done so the first tip I have for you is to enable self-service for your users set up a strong account lockout tracking enable password expiry notifications and strengthen passwords so all of that around passwords and how do you go about making it smarter on top of it like Martin was pointing out you know we make it foolproof can we make every punch point footwork that's the question that's been running on our mind now we're out right is one of the best ways to make things foolproof not just mfa for your applications or for your service we wanted to like rethink mfa and we thought why not have mfa right at the log on right where your users log on can we have mfa was what we asked ourselves and we did make it possible mfa right at the logon along with every other endpoint that we are talking about servers applications wherever you think so when you're trying to do it at scale the easiest thing to do is to start with the most basic entity which is the logon screen where a user logs on the for the first and so look for the solution that give you the breadth of options we are talking about enabling users as quick as possible so we'd want to give them the options if you are using office 365 if you are using Microsoft Azure you already have Microsoft Authenticator free of course just start implementing it if you already have subscribed to a solution look for options that can make it quicker for your users fingerprint maybe face ID maybe get them up to scale and in the process check if you can get all the critical stakeholders upgraded to MFA and talking about service or constant talking about administrator accounts never ever skip these critical accounts I have a quick example right here where an administrator account got compromised and the attacker is blocked by a wall and the attacker is not able to proceed any further because there's a verification code that gets sent to the administrator's email like this can be the case with your service accounts testing be the case with the credentials that are shared across your organization so you would want to take that step of setting something up like in a one-time password or a time-based authentication or a verification code for all your critical accounts right at the logon and most of your problems be its remote logon be it log on my a VPN beat access to files and folders if you can set up MFA right before that most of your problems do seem to go away at that very instance even if you are trying to look at office 365 you can check out the secure score dashboard that comes with office 365 the first recommendation that they have for you is enabling MFA and along those lines does it really stop right there is the question can we become a little more smarter we talking about attackers with sophisticated use can we also be sophisticated so the answer is yes you can look at solutions that do contextual or adaptive authentication you go one step further not just treat the basic problems try to draw risk scores for users with every loved on try to draw baselines for every user with every introduction that they do so with time your system gets trained so Jay basically accesses his device from India this is the that he logs in from this is the network rains from it logs and from and she logs in from maybe 9:00 in the morning to 7:00 in the evening this is are these usual timings and if there's a deviation my system can be smart enough to call it out and meet things difficult if it were an attacker extra layers of authentication extra challenges to go through or if you want to completely block the whole transaction or stop the user from logging in you can always do that so look for solutions that can smokey scale because MFA is definitely useful no doubt but now that we're talking about working remotely where there are innumerable parameters and variables in the equation it's constantly evolving it makes a little sense to be adaptive smart and why not use machine learning to draw risk scores for users and authenticate them based on context network location biometrics lot of factors get taken into account based on how risky the log honest they either get access or peed tonight of access you could absolutely try an adaptive authentication more like an upgrade to multi-factor authentication so context can be the king right here as we speak so so long we've discussed about setting up sspr that's the first step that I had for you the next one is to enable a very flexible at the same time a smart authentication a second level or a multi-factor authentication along those lines the next point is going to be single sign-on now when it comes to single sign-on for a long time it's been more of a enablement option with respect to you know getting users to scale giving them access to multiple applications but it turns out it can also we our security option because you're reducing the number of times while your users are getting to enter their credentials you are giving them a one-stop dashboard where they can access any application that you have configured for them they don't fall into the victim or they don't become victims of password fatigue they don't use the same password across multiple platforms they can set strong passwords at different platforms and since you have a very clear-cut enablement like you're a single sign-on dashboard we'd be able to just log into their Active Directory or their accounts and start using applications so single sign-on thus go a long way in any organization so when you're looking at a single sign-on solution there are a couple of points that you can have in mind you can look at systems that are platform agnostic you don't want to be restrictive you want to go to that very extent where you can bring in not just your own applications I mean not the applications that are served it to you by a wenda but also you might have in-house applications because what we've seen is there are a lot of organizations out there as we speak have started exposing their internal applications over the Internet for the want of better accessibility now that can be a challenge if you can secure that if you can channelize the whole gateway through a single sign-on nothing better than that so likewise look for protocol support look for Sam support look for LDAP support radius support should look for a solution that can go at scale and at the same time give complete control to the administrator on what applications are your users using so it gives you a clear insight to optimize resource utilization as well a lot of us a lot of our users tend to hoard with applications that they never need in the first place so this could give you a report on how that is being used so single sign-on setting it up is my next recommendation for you now we've been enabling users all along right now it's about time we start stacking them as well like I told you there are two perspectives one from a Productivity standpoint another from a user behavior standpoint so from a Productivity standpoint since all these identity platforms have a great deal of event tracking you can be a little smart and not just track log on and log off you can look at factors like how long as your screen being idle was there a wallpaper that came up - they go out on a break and the screensaver popped up so many such small events can be tailored into one you know equation and you can get net productivity of your users and along the line you can let the respective line managers know all of your having contract employees who get charged or billed by the hard this can be a great way to track remote users and how productive they are so I have like a quick a screen shot right here that shows you it tells how long were they active it else how long were they how long were the net productive so we are constantly reinventing ourselves no identity access management administrators are taking center stage with respect to security and productivity as well a lot of organizations are relying on them along those lines are we talking about tracking user straight it all boils down to looking for those indicators of compromise you never know if you get just thought tracking logon activities for your users and start correlating them you would make a lot of observations that you fail to make before it can be something as simple as turning on Auditing in your event you are now you have tons of events if you can get context to it nothing better than that because if I were to break down a brute-force attack it's nothing more than a repetitive logon failures followed by a successful logon and then someone goes on to access a critical file or a folder or a server and then they start installing a malware follow that up with data exfiltration this is the whole kill chain that you can talk about and if you can correlate all these data nothing better than that and through the process at every step if you can look for anomalies like business arts if you can keep track of a remote work if you can look at how attackers move or how it can be an insider it can be an hacker you would want to know how they move in case if you're looking for an indicator of compromise monitoring logon activity is something that you can definitely do yes it doesn't stopped right there since we've already established the fact that there is a machine learning why not use that here as well to detect deviation unusual volume unusual count unusual time of the day access done for the first time but it will adjust being misused you can use user behavior analytics and identity access management can have a very strong integration with you BA because like Martin pointed out data protection is taking center stage data access governance is taking center stage and I am administrators have a critical role in that now when it comes to how we do it analyzing what volume of data was accessed were files on onedrive access can lea ordered that the whole equation gets solved if you have you in place and look for solutions do that because unusual activity you can spot that out in one go you get context with every problem right there you get told why was it unusual when the user Bakken how was it different where was the first touch point and you get details like that you go a little further and you can detect lateral movements as well because like I told you sum total of log on at booty one IP address multiple logon attempts that could be a lateral movement swatting or malware if there's an installation that's made for the first time you can stop that privilege is being used for the first time now ministry to us now are tending to be a little lenient for the want of Greta business continuity and end up giving extra privilege that would probably lead to privilege abuse of privilege trip so you would want to be under absolute control and have systems that can monitor that aspect of privilege as well along those lines not just monitoring if you can streamline the whole process of privilege delivery or entitlements management you can do it with workflow you can get all the stakeholders into your system meet them go through the whole process of a request review and approval and a lot of compliance regulations also demand you to do that by a reduction by there's a great reduction in your cost of compliance as well so you helped set up quicker entitlements review so when there's a day when you need to check your entitlements review you can very much do that because you had visibility into who had what privileges and the whole process of entitlements assessment or identity governance as we say who gets what that's very clearly listed through an approval based mechanism so this is something that you can look at so we've been talking about how do you track remote employees how you track their behavior how do you track privileges and along those lines of privileges can we streamli e the process that's what we discussed that was the last point the next and the last point or recommendation that I have for you is being able to monitor all these new found applications that we've become so fond of and you've started using so another thing onedrive is a very critical thing that you'll have to start because last year along October if I'm if I'm right the Department of Homeland Security in the u.s. this tend to say office 365 recommendations they said these are the problems that organizations face when they fast track now as we speak there are hundreds of organizations thousands of organizations that are fast-tracking into office 365 using these collaboration apps and in the process they end up not checking all those important security check boxes so to understand and be aware of the native limitation set up quite a lot with respect to how long can it hold the data for you how long is the data retention policy you will need to get into it and make a lot of customization does it scale for your disaster recovery plan can you get your whole backup in place how long do you set that up can you have complete visibility and audit who's activating or who is accessing what files what folders and how are they going about doing it is there a bulk modification is there a bulk deletion so there are multiple parameters that get taken into account while you're using these new form collaboration applications on the cloud along those lines we talking about enablement we are talking about keeping the business going keeping the lights on and having a clear cut overview with your identity access management saying if there are services outages I'd be the first one to be notified and I get on the situation you should have processes for that too microsoft teams goes without saying being able to monitor activity on and being able to do ediscovery that's something that we are working on could go a long way because we are talking about a situation where PIAA and ph is being constantly compromised attackers taking advantage of the situation trying to exfoliate the data so ediscovery can help you during litigation so try setting that up I have a couple of recommendations basically along these lines and win the process we figured why not do the whole thing mobile so it's not just our users who need to be mobile our administrators IT folks or also move oil so give them an application that can get them to speed that can get them to scale that can help them handle SLS ASAP that's the points like you're trying to make so look for solutions that help you manage your privileges the identities on the go from a mobile yes your users need you have applications to self-service done from a phone a condom knots done from a phone policy requirements clearly stated documentation and best practices given to them password strengthening so on and so forth because you have the convenience to implement and give them mobile applications panco so just quickly summing up if there were to be just one takeaway that you want to go back and implement right away my first recommendation and the one that I want you to go back and do it right away it's self-service Password Reset look for solutions that do multiple directories help users do remotely a strong password set in the process help single sign-on MFA and yes goes without saying notifying the users about the whole change so enable your users as much as possible and all those lines we put together resources they'll be made available after the webinar folks can help us testing times ahead absolutely understand we want to be by your side when you do it and now we are open to questions and over to Martin right now Thank You Trey for all that information you provided and so let's directly jump into the Q&A session we have little time left but we can answer additional questions via email is required so I just pick one or two questions out of the long list we have here I think one of the the most interesting for all of these types of solutions and for your solution as well is whether it's possible to use different MFA methods for different applications or for different groups of users mm-hmm when it comes to MFA applications yes the whole deal about MFA is being able to do it granularly you don't want you know to set up factors that essentially hinder the process you will have to look for MFA options that don't probably require a hardware implementation which you can't do right now so biometric is ruled out so if you can look to make use of what's already available which is probably as easy as a mobile application like a Microsoft mobile Authenticator give them that and that would probably in my opinion help scale and get the whole MFA implemented quicker okay and one more question I've got here is set up custom dictionary of passwords that I don't want employees to use absolutely so that's one part of the tool that helps you stop users from using any degrees we provide a inbuilt dictionary we update it quite frequently and one recent support that we extended is not just English words you can use custom latrice with 15 language support you can very much ask us and we be able to help or you can bring your own display and install into the product and stock users from using dictionary words so all options available here so with that we are at the end of our 7 webinar close to the top of the hour trace thank you very much for all the information you provided and thank you to the man attention for supporting this webinar and thank you for all of the attendees for listening to the scoping hold webinars so I appreciate it thank you so much [Music]