by Tyler Reese, CISSP, Director of Product Management at Netwrix
Critical infrastructure attacks increased by 30 percent in 2023. While all organizations are subject to cyber threats, the challenges involved in mitigating risk differ by organization size. This article explores three main challenges that large enterprises face in ensuring data security and offers effective strategies for overcoming them.
First Challenge: Complexity
An enterprise organization typically has a large and diverse workforce that comprises not just employees across multiple departments but temporary contractors, third-party consultants and outsourcers, and supply chain partners. These users rely on a wide range of devices, including both company-supplied PCs and laptops and user-owned tablets and smartphones.
This complexity necessitates a sophisticated set of security controls, which can be difficult to establish and maintain. Moreover, the fast-paced working environment can lead users to neglect security protocols, creating security gaps that adversaries can leverage.
To overcome this complexity challenge, large organizations should start with identity governance and administration (IGA). A quality IGA solution will help ensure that the right users get access to the right resources at the right time, no matter which part of the complex IT infrastructure they use. It will automate provisioning throughout the user lifecycle, from joining the organization through role changes to offboarding. This helps ensure accuracy and also reduces both the motivation and opportunity for users to circumvent IT control. Plus, by promptly eliminating identities and access rights that are no longer needed through IGA, the organization can significantly reduce its attack surface.
Second Challenge: Legacy systems
Unlike fully cloud-based startups, large organizations often have a combination of legacy and modern systems. Older technologies can still be in use for many valid reasons, like compatibility with important applications or high upgrade costs.
However, reliance on older systems introduces security risks. Most vendors stop supporting older versions of their technology after a specific end-of-life date, after which no security patches are issued. Plus, legacy systems often are not designed with security first principles and may be incompatible with modern security tools and solutions, making it difficult for organizations to detect and respond to cyber threats.
Ideally, legacy IT systems should be retired. In cases where that is not feasible, organizations can use network segmentation to isolate legacy systems from the rest of the network to limit the potential damage in case of a cyberattack.
Third challenge: Massive amounts of data
Large organizations often store massive volumes of data, so keeping all content properly secured is a monumental task. A good place to start is by tackling outdated or obsolete data. This data increases maintenance and storage costs and diverts the organization’s limited resources from securing sensitive data currently in use. An automated data governance solution can help identify redundant and unnecessary data to mitigate risk.
Data cleanup is useful but by no means sufficient. The organization also needs to tightly control and audit access to sensitive and regulated content. Automated data discovery and classification will help them understand what data they have and grant appropriate access rights, and a robust auditing solution will help track user activity and spot threats. A modern privileged access management (PAM) solution will further enhance access control by granting users privileged access only when they need it for a particular task and providing real-time monitoring and historical analysis of all privileged activity.
Conclusion
Enterprise organizations have complex IT systems with many users, legacy systems and vast amounts of data. Ensuring security requires a multi-layered approach that includes robust identity and access management, data governance, data discovery and classification, and privileged access management. By automating these vital security processes, organizations can reduce operational burden while increasing cyber resilience.
About the Author
Tyler Reese has over two decades of experience in the software security industry and holds a current CISSP. His professional experience ranges from identity and access management (IAM) consulting for Fortune 500 companies to being an enterprise architect of a large direct-to-consumer company. As a product director for the IAM portfolio at Netwrix, he is responsible for evaluating market trends, supporting relations with the analyst community, setting the direction for the IAM product line — and ultimately, fulfilling the needs of end-users.
