© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Nick Evans, SecurEnvoy: “cybercriminals are getting smarter at pretending to be you”

Threat actors are using obtained personal information to impersonate users, and they are getting better at it than ever.

If you’re wondering what a cybercriminal can do by impersonating you - the possibilities are endless. In fact, while credit card information is only worth 8-22$ on the dark web, the price for complete medical records can go up to 1000$. After stealing one’s identity, a threat actor can take out loans, sign a lease, collect insurance payouts, and even commit crimes in the victim’s name. By impersonating a representative of a large brand, they can trick thousands more people into sharing sensitive information, both personal and financial. However, there are sophisticated solutions that can make it much harder for malicious actors to impersonate you or steal your data.

Nick Evans, Partner Enablement Manager at SecurEnvoy, talked us through their approach to securing identities, access, devices, and data, as well as discussed newly emerging threats and challenges in the identity protection field. SecurEnvoy offers free trials to all of their solutions, so you can quickly and easily see how they can help you. To get access to what you need, go to the 30-Day Free Trial of IAM, MFA, DLP and DDE Solutions.

How has SecurEnvoy evolved since its launch almost two decades ago?

SecurEnvoy launched in 2003 by producing one of the first “Tokenless” authentication solutions. Whilst other authentication vendors were having users authenticate with a hardware token (Dongles and cards that produced a “One-Time Authentication” code), SecurEnvoy pioneered the use of SMS-based authentication codes during the initial boom of mobile devices. This helped businesses save money as well as provide a seamless end-user experience.

Traditionally making an “On-Premises” solution, our offering has evolved as cybercriminals have also evolved and we have spent almost 20 years constantly developing our Multi-Factor Authentication (MFA) solution resulting in at least 15 different end-user authenticator options. With businesses adopting the cloud, by fully embracing using cloud-based apps to run their businesses, we developed an Identity and Access Management (IAM) solution. Since 2019, our IAM solution has been helping organizations by providing industry-leading authentication options including:

  1. Universal Directory – supporting Google Directory, Active Directory, and Azure Directory
  2. SSO – Single Sign-On to Cloud Applications (Saml, WS-Fed, and OpenID)
  3. Location-Based Authentication Metrics
  4. Windows & Mac Logon Agents
  5. Access Policy Management

SecurEnvoy’s product roadmap really fits in with our predictions that by 2023, a new category of SaaS-delivered, converged IAM platforms will be the preferred adoption method for IGA, AM, and PAM in over 45% of new IAM deployments – this is a huge opportunity for SecurEnvoy.

Michael Kelley, Gartner Research Director

With data growing at such a rapid pace, could you tell us more about Data Loss Prevention and Data Discovery? Why are these practices becoming more important?

In 2021, cybercrime is a bigger threat than ever. It seems that you cannot go a day without seeing how cybercriminals have bought a business to its knees by infiltrating a corporate network and holding their data and hardware to ransom. Ransomware, although not new, is a massive concern for businesses around the world.

In 2021, the largest ransomware pay-out was made by an insurance company at $40 million, setting a world record.

Business Insider, 2021

Data is more at risk today than it has been before, and businesses are now realizing how they need to understand what their data is, where it is, how it is being used, and who it is being used by. More importantly, they need to make sure that only authorized individuals can access that data. Data Discovery solutions allow businesses to really understand what their critical business data looks like by classifying that data, whilst Data-Loss Prevention (DLP) solutions allow companies to understand the identity of the user, the device, and the data they are working on to prove exactly who is doing what at any time.

Our DLP solutions are unique from competitors as we address threats from trusted and untrusted users, through unique intellectual algorithms and fingerprinting features and our DLP conducts real-time inspection of all protocols, even ones that are unknown, and can stop data loss immediately.

You often talk about your vision of identity and security beyond boundaries. Can you tell us more about this approach?

Identity of the user, device, and, in time, data, all coupled with the fact that we will soon have a user’s “absolute location”. SecurEnvoy will be able to pinpoint exactly where a user’s login/authentication is happening by coupling GeoIP, and Cell Site data. Currently, solutions tend to only look at certain aspects of the data, whereas we will be looking at ALL aspects of the data (User identity, Biometrics, Device, and Location)

We will be able to capture the exact location of the device and user, and with that information, we will be able to tackle “the impossible login” concept: How are they logging into their laptop in London, but their mobile device is in Sweden?

Has the pandemic presented any new challenges to the identity protection industry?

Remote working is a massive topic right now, with a lot of businesses having to completely change how their staff currently operates. Covid-19 meant that a lot of people had to start working from home, overnight. Many businesses had never thought that they would have to manage remote working staff, so tools and security solutions were not in place to enable them to maintain a safe and secure network. Many employees were left simply to log in to their systems with a Windows/Mac login password and nothing else. Quickly, businesses realized that they needed MFA and IAM solutions in place to lock things down and only allow authorized people access to their sensitive data. On the back of the pandemic, there has been a massive boom in organizations visiting the MFA/IAM market.

Recently, the discussion around cyber insurance started to gain traction. What protection does it provide and which organizations should look into this service?

We find that a lot of businesses are being forced to have cyber insurance in place when looking to renew or start other business insurance policies. Insurance providers know that cybercrime is a real and rising threat, so the cost of insurance is high and chances of recovering all/any lost money are slim. Cyber insurance policies typically cover the cost of investigating a cybercrime, recovering data lost in a security breach, and restoring computer systems and networks. Like all insurance, it’s great to have, but surely it is better to have a much stronger cyber security plan in place and arm yourself AGAINST an attack than to leave yourself open to one. Cyber insurance providers are now starting to demand that businesses have MFA in place before they will allow a policy to start, as a key basis for any business’s security “must-have” plans.

Since many businesses have adopted the work from home policy, security risks have increased. Which bad habits online are often overlooked but can cause serious damage to companies?

A real problem for a lot of enterprises is human behavior.

  1. Using the same password repeatedly makes it easy for criminals to get in.
  2. Opening malicious emails and allowing viruses can allow malware to enter the corporate network.
  3. Being slow to upgrade and patch solutions so they are as secure as possible can open up vulnerabilities.

All these things you can only improve by constantly working with and training workforces. “Insider threats” are real, and it is a business’s responsibility to identify and train those people to become as small a threat as possible.

Organizations are rightly focused on external cybersecurity threats to protect their data internally. However, with increasing amounts of sensitive data spread across an organization, and the ease with which data can be shared instantly online, how can you make sure that data is protected from theft or accidental sharing by employees?

What security practices would you consider essential for businesses nowadays?

Authentication is the basis for a strong security posture and one of the first solutions that should be implemented in the efforts to increase security.

Another issue we see is businesses not understanding where their data is, what their data looks like, and who has access to that data. Solutions like Data-Loss Prevention (DLP) and Data Discovery tools help organizations get a solid understanding of that. With that information, organizations can lock down access to certain areas of business, and rules and policies can be implemented at a personal or group level.

What do you think is going to be the next major threat in the identity protection field?

Non-human identities. For example, items like scripts, scheduled tasks, batch jobs. The things that go bump in the night that aren't human-triggered but are still using credentials to access systems to provide info, run commands, or checks. This could extend to APIs to retrieve info on a wider scale or run commands.

These activities are easier for attackers to spot, from a recon perspective, it's easier to find patterns in behavior. Passwords are regularly stored in clear text files or strings and are infrequently changed due to the nature of provided services, as often essential business services run under these credentials (banking platforms etc).

It's one thing to secure by proving who the humans are at the point of authentication. We think the next major threat to identity protection will be encompassing robots and automated tasks - how can a service account or API call be verified, before the information is provided?

And finally, what’s next for SecurEnvoy?

Anomaly detection and analysis of the data we are capturing during authentication. We will be able to look at the user, how they have connected, how they have authenticated, and understand whether it is their normal behavior. If not, should we be providing another level of authentication during this login attempt?

Cybercriminals are getting smarter at pretending to be you. Our aim is to make it as hard as possible, and machine learning, anomaly detection, and data analysis are going to help us provide an even tougher safe to crack.

Leave a Reply

Your email address will not be published. Required fields are marked