AusCERT 2017 – Identity is the new perimeter

AusCERT 2017 – Identity is the new perimeter

Todd Peterson, from One Identity, delivered the second part of the AusCERT 2017 opening keynote. One Identity may sound like a new business but it’s an offshoot from Dell EMC and Quest Software.

“If you think about all the attacks coming in, they boil down to identity,” said Peterson.

While your user account, said Peterson, might seem to be quite useless to an attacker, once a threat actor has access to a system on the network, whether that’s through remotely accessing a system or by using a physical attack vector such as compromised USB flash drive, they will attempt to move laterally through an organisation. During that exploration, they will seek weaknesses in the barriers between systems to exploit.

“If you can control who has access to what and you know who they are, you can cut off a lot [of attacks] at the knees,” said Peterson.

Peterson says it comes down to four “A”s; authentication, authorisation, administration, and audit.

Read more at – AusCERT 2017 – Identity is the new perimeter

Allidm Identity Access Management Post Image

Tags: