Elevate Identity enables security teams to automate customization of conditional access policies
Elevate Security has released Elevate Identity, its SaaS offering for Identity and Access Management (IAM) Professionals that integrates Elevate’s user risk profiling capability with IAM tools such as Cisco Duo, Crowdstrike Falcon, and Microsoft Azure AD to add a full 360° perspective of each individual’s cyber risk to the authentication and authorization process.
Additionally, the Elevate Identity service integrates with Identity Governance tools such as Sailpoint’s Identity Security Platform to automate personalized access reviews based on changes in an individual’s user risk profile.
New research from Elevate and Cyentia Institute recently determined that High Risk users represent approximately 10% of the worker population, and are found in every department and function of the organization. While they make up a small percentage of the population, High Risk users represent a sizable threat to the organization.
Traditional IAM methodologies rely on a limited dataset to determine the user risk behind any individual access attempt – typically only credentials, location, network, and device are known – leaving many areas of user risk open to attacker exploits, and limiting security team options for making and applying personalized conditional access policy decisions.
Without visibility into user risk at the time of authentication and authorization, all users must be treated generically, increasing chances of over-provisioning access to a high risk user, or worse, letting an adversary in and allowing them to achieve persistence.
Elevate’s User Risk model analyzes billions of independent data points from across the organization and beyond. Factors such as worker susceptibility to real phishing, sensitive data handling, safe browsing, and password management along with demographics and other characteristics are continually aggregated and updated into detailed, transparent, high-confidence user risk metrics.
By integrating this rich user risk data into IAM and Identity Governance Administration (IGA) tools and processes, security teams now know the true risk characteristics of each worker attempting to access their systems, including an individual’s vulnerability to the pernicious social engineering attacks currently making headlines at ridesharing, password, gaming, and healthcare providers worldwide.
With this data in hand, defenders can automate customization of conditional access policies. For example, Elevate may determine that a particular engineer, with access to company source code, is being targeted by attackers with increased frequency, and has recently visited an insecure website.
Once identified as a ‘High Risk Engineer’ by Elevate, this individual is protected by specific IAM policies, such as forcing password-less multi-factor authentication, requiring a company-provided device, or limiting access to sensitive materials.
Without individual User Risk data, these types of conditional policies and user protections cannot be applied reliably or scalably. While it’s appropriate and warranted to apply this level of protection to a small subset of high-risk users, attempting to subject all users to such policies would harm productivity, and elicit strong pushback from workers and business unit managers.
With Elevate Identity, security teams can have the best of both worlds – individual protection for those that need it, and productivity and satisfaction from the vast majority of users who represent less risk.
Integration with identity governance tooling enables Elevate Identity to also automatically initiate an access governance review solely for the aforementioned high-risk engineer, ensuring compliance and auditability by ensuring their access permissions are always aligned to both business need and their individual user risk profile.
Identity and Access Management is a top priority for IT and Cybersecurity professionals in 2023, with industry analyst firms urging clients to optimize their IAM and IGA infrastructure.
In its recent Executive Order on Improving the Nation’s Cybersecurity, the White House called on Federal agencies to urgently reexamine and up-level identity, credential, and access management capabilities.
Elevate Identity has been shown to pay for itself in less than one year through a 20-50% reduction in security incidents involving a negligent employee or contractor. The cost of a single such incident was determined by Ponemon Research to be $307,111, with the average time to contain such an incident averaging 77 days. The study found that the average organization faces more than one such incident per month.
“With comprehensive user risk data informing the Identity and Access process, defenders have a simple, transparent, and effective method to apply personalized protections aligned to individual vulnerabilities,” stated Elevate founder and CEO, Robert Fly.
“The ability to make better decisions, in real-time, at scale, during this critical stage of the kill chain is an absolute game changer in the fight against human-centered attacks,” Fly added.
“A one-size-fits-all approach to securing user access will not guard against threat actors skilled at targeting people susceptible to engagement with deceptive online interactions or prone to poor judgment computing behaviors,” finds Ed Amoroso, CEO of TAG Cyber.
“Organizations must be able to easily identify their most ‘at-risk’ workers and continuously quantify their potential likelihood of initiating a worst-case security incident. By wrapping these individuals with conditional access policies based on their relative human risk, enterprises gain a powerful new component in their defense of critical business assets, while also pinpointing areas for security awareness improvement,” Amoroso concluded.