Move past reliance on VPNs.
Many companies have put in place systems to allow their employees to work from home during the pandemic, and continue to work in a flexible capacity moving forward. But in many cases, they haven’t changed the way they secure their remote workers’ access, says Rana Gupta, Vice President, APAC, Authentication & Encryption for Thales’ Cloud Protection & Licencing (CPL) division.
We asked Gupta to explain how organisations can overcome digital access control challenges. Listen to his answers below in part two of our two-part Thales-sponsored podcast mini-series about zero trust security (listen to part one here).
Gupta says that a substantial portion of Australian organisations surveyed by Thales don’t have any deployed access management solution.
Many companies are reliant on VPNs and perimeter-based security models, which Gupta argues do not scale well and don’t suit the distributed nature of work today.
The alternate approach, championed by Thales and others, is the zero trust approach, which is enabled by highly scalable digital identity and access management solutions, such as the Thales’ SafeNet Trusted Access platform.
In the podcast episode below, Gupta talks about the practical implications of this approach – such as the level of access control that companies should consider for people in different departments and roles.
“Each role has to have the access to enough information and part of the business application to be able to do her function, but she shall not have the access to all the information, not even within her own department,” he says.
“And then you also have the IT people who need to be provided access to these business applications and systems for the purpose of their ongoing maintenance, but they shouldn’t have any access to any of the data at all. For example, someone from IT who was managing the payroll application –you wouldn’t want this person to get into or see all the data related to everyone’s compensation.”
This could become complicated. Gupta espouses Thales’ platform approach as a way to avoid problems managing multiple point access control products.
He also encourages companies to consider the possibility that their access management needs may change over time. “So don’t go with a feature by feature comparison,” he advises.