There are still many unknowns left on this roller-coaster ride of a year – like, when will we hug our friends and family again? Finally take that dream vacation? Will we ever return to the office? If there’s one constant we do know about this year and going forward it’s this: Our covid-like world is here to stay even if there’s talk and great breakthroughs towards a vaccine.
Rakesh Loonkar, President of Transmit Security, accurately pointed out, “Anything digital was certainly accelerated during this year.” With more people than ever before shopping online, working remotely and relying on the internet in general – the need for identity security to be agile enough to keep up with this new way of life is imperative. Here’s how the events of 2020 and our new realities shaped the cybersecurity space.
- The decay of the ‘perimeter’
It’s safe to say that the effects of Covid-19 accelerated the decay of the ‘perimeter.’ Meaning that the many assumptions that acted as the basis of an organization’s security philosophies have now become invalid. Given the dynamic and hybrid nature of data centers and corporate networks that spread across multiple locations and cloud environments, there is no way that one static perimeter control can secure all of them.
2020 forced many enterprises to re-think the suite of security controls they deployed. Which in turn, led to an increased need for technology that is agile and scalable. Plus, the ability to align and unify multiple authentication and identity and access management (IAM) solutions.
- Secure remote workforce
Not too long ago, employees were encouraged to physically work in the office. This could be due to a number of justifiable reasons like, ensuring work productivity, building office culture and maybe most importantly, security. But with the sudden shift of mandatory work from home policies, businesses have found themselves with insecure methods of securing their remote workforce.
IT and security teams were (and continue to be) faced with the challenge of ensuring the utmost security for remote workers and their mariyard of devices (both company owned and private) across a multitude of networks spread around the globe. Solutions like Transmit Security’s WorkID offer enterprises total peace of mind with secure, passwordless and easy remote login solutions.
- Transformed customer interaction
Due to many brick and mortar stores having to close due to the pandemic, businesses had to transform their interactions with customers, shifting them to digital channels which require advanced solutions with abilities to orchestrate both risk and authentication.
In order to uphold that same level of familiarity and convenience, enterprises need solutions that are frictionless, user-friendly and effective to properly serve their customers. Most importantly, this new method should leave customers feeling just as satisfied or at least comparable to the efficient, friendly in-person experience that they are accustomed to.
After this year, with many organizations successfully implementing digital channels of communication we could see a steep intake of customers who now prefer (or expect) to interact through online methods of communications going forward.
- A step away from 2FA
While 2FA is more secure than a plain old password, director of identity security at Microsoft, Alex Weinert warns it’s the least secure of the multi-factor authentication (MFA) methods available today. SMS-based security methods are especially risky due to the dangers of SIM swapping. This is when, if successful, attackers divert texts or calls intended for the user to their own device. Not to mention, SMS services are not 100% reliable due to unforeseen network issues that may occur. Considering this, it’s not hard to see why enterprises have started to move away from basic MFA and towards authenticator apps. However, as long as MFA is still widely in use, hackers will continue to use it’s weaknesses to their advantage.
- Increased adoption of FIDO2
The FIDO alliance which uses open industry standards to help reduce the world’s dependence on passwords is rapidly becoming a viable option for strong authentication. Users have become accustomed to using finger or face scans to unlock their devices in seconds making it a familiar and seamless practice. Think of Apple’s TouchID. Executive director of the FIDO alliance, Andrew Shikiar believes that everyday devices that users are comfortable with play an imperative role in securing a passwordless future. Naturally, when authentication methods are too complicated, users tend to opt-out or find less secure work arounds.
The growing adoption rate is most visible with vendors like Apple who announced earlier this year that iOS devices will support FIDO2. That means, you can log into a website without a password but rather using FaceID or TouchID. As the network of FIDO supported devices increases, with members such as Google and Microsoft the possibilities of a passwordless future looks closer than ever before.
A look at cybersecurity in 2021
It’s clear that the work from home trend is swiftly moving into 2021. Enterprises will continue to develop applications to both offer customers more services and better serve them. Especially as we continue to maintain social distance measures. And with that, there will be a significant increase in cyber attacks. With all the good technology has to offer, unfortunately it also affords hackers many tools they can leverage in a very interesting, yet destructive, way. With technology evolving at rapid speeds, the most apparent cybersecurity trend for 2021 will undoubtedly be the need for secure and agile identity and access management.