Industry Voice: Combat cyber-attacks with effective CIAM

clock • 3 min read
Industry Voice: Combat cyber-attacks with effective CIAM

The progressive digitisation of work and how customers interact with services means that organisations' security must keep pace. As devices proliferate and users expect remote access, cyber-attack surfaces grow, and infrastructure vulnerabilities can occur.

Ensuring reliable and secure Customer Identity and Access Management (CIAM), has therefore never been more important.

Computing's latest research into this subject, conducted in partnership with ForgeRock, explores current cybersecurity concerns and why effective CIAM is vital.

Of the 150 IT leaders surveyed, 57 per cent have experienced an increase in the frequency of cyber-attacks involving customer-facing digital platforms in the last two years. Alarmingly, around a third admitted such platforms had been accessed at least once by someone falsely posing as a customer, in the last year alone.

Increasing complexity and occurrence of attacks

Phishing, ransomware, spyware, social engineering attacks, and more are all progressively sophisticated and frequent. Insufficient authentication and authorisation processes make breaches and identity fraud more likely to occur. With this, organisations are left vulnerable, and customers lose trust - both severely damaging to an organisation's reputation.

Choosing a Zero Trust approach to your customer-facing infrastructure ensures verification is continuous, greatly limiting the spread and scope of breaches. CIAM platforms determine who is requesting access, whether they are authorised to do so, and if they can prove they are the entity they claim to be. By combining this with a broader Zero Trust model that assigns the least trust required for each user and endpoint to operate effectively, you minimise the access granted by any adversaries. The days of ‘trust but verify' should be long gone.

Context-driven Multi-Factor Authentication (MFA) and other modern CIAM solutions combat poor cyber hygiene, removing the onus from the user, as well as the friction, streamlining services but constantly verifying. This is recognised by IT decision makers who identified the most important features for choosing a CIAM vendor as end-to-end encryption, adhering to compliance standards, secure password policies/passwordless, and MFA.

Don't compromise on user experience

But how can organisations balance security and customer experience, if the common perception is that developing and nurturing one will diminish the other?

Securely identifying and authenticating users when they access services, even from a range of different devices, need not be laborious and manual. In fact, seamless simple interfaces are expected now.

In a market where not all CIAM solutions are created equal, more advanced platforms solve the challenge of organisations integrating a CIAM environment that provides optimum security and user experience, simultaneously helping to understand, serve and secure customers more effectively. Bringing all this to a single platform can even enhance customer experience, tapping into user recommendation systems and providing a seamless, connected ecosystem. Those that have adopted advanced CIAM solutions are significantly more successful in achieving good customer experiences, ROI, compliance, and customer security - without compromise.

All organisations are at risk. It is not a question of if, but when you'll be attacked. Given the impact an incident can have on reputation, growth, revenue, and trust, organisations must consider the efficacy of current CIAM solutions.

To learn more about Computing's latest research into overcoming CIAM security and user experience challenges, read the full report.

 

This post is sponsored by ForgeRock 

More on Management

Channel Co CEO Blaine Raddon

Computing acquired by The Channel Company

Computing and its sister titles CRN and Channel Partner Insight were acquired by market-leading US-based technology media business

Stuart Sumner
clock 06 April 2022 • 2 min read
"There's nothing wrong with monoliths, but it can inhibit your velocity," says Very Group CIO Matt Grest

"I don't want technology to be a constraint": Why The Very Group is shifting to microservices

It's no longer a surprise to hear about sweeping digital transformation programmes.

Tom Allen
clock 24 March 2022 • 4 min read
Industry Voice: The Secret to Setting Up a Successful Digital Workspace

Industry Voice: The Secret to Setting Up a Successful Digital Workspace

VMware
clock 16 March 2022 • 3 min read