{"id":6190,"date":"2025-12-12T07:00:00","date_gmt":"2025-12-12T07:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=6190"},"modified":"2025-12-12T07:00:00","modified_gmt":"2025-12-12T07:00:00","slug":"how-to-simplify-enterprise-cybersecurity-through-effective-identity-management","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=6190","title":{"rendered":"How to simplify enterprise cybersecurity through effective identity management"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Identifying and securing ownership of assets can be a challenging task. In addition to <a href=\"https:\/\/www.csoonline.com\/article\/563753\/two-factor-authentication-2fa-explained.html\">multifactor authentication<\/a>, conditional and privileged access can help organizations to batten down the hatches. But introducing AI technologies often adds a nightmare of complexity.<\/p>\n<p>\u201cIt [using AI technologies] has been a huge challenge for organizations because policy management, compliance management and security touch on every single application and every single system,\u201d Naresh Persaud, US cyber digital identity and cyber AI blueprint leader for Deloitte says.<\/p>\n<h2 class=\"wp-block-heading\">Deloitte\u2019s industrial and financial customers save time with the consultancy\u2019s identity product<\/h2>\n<p>Recently, Deloitte worked with a large industrial customer after identifying that account ownership was sometimes unclear in their existing system. 
When an endpoint event was identified, it was difficult to trace who owned the targeted account and whether it existed under multiple names.<\/p>\n<p>\u201cWith identity management systems, we can link the named user of that account and at the same time we can identify whether the account was vaulted in an identity in the privileged access management system,\u201d Persaud explains.<\/p>\n<p>The system also identifies any other accounts associated with a user so they too can be examined for any evidence of intrusion. Persaud refers to this as the blast radius.<\/p>\n<p>\u201cIf I compromise a privileged account, I might be able to use that account to reset the password for other accounts,\u201d he says. \u201cImmediately identifying the blast radius, determining an appropriate response and putting that information into the alert \u2014 that gives the analyst in the security operation center much better telemetry than they had before.\u201d<\/p>\n<p>The system helped connect pieces of the puzzle that might otherwise have had to be connected manually. The security analyst who flagged the issue would have needed to contact an identity system administrator \u2014 an inefficient process in even the most well-oiled operation. Identifying those points of contact and automating the communication process made for a much more efficient response.<\/p>\n<p>For example, time is often consumed by attempting to map the data related to an incident to the MITRE ATT&amp;CK framework. Industry analysis suggests this can take up to 30 minutes. \u201cWith AI enablement an analyst can drastically reduce this time up to 70-80%,\u201d Persaud says.<\/p>\n<p>Persaud claims that the Deloitte solution was able to simplify the documentation. It created a dashboard that identified related accounts that were not vaulted and allowed for closer review of privileged accounts. Unvaulted accounts could be vaulted in short order and any vulnerabilities in privileged accounts could be pinpointed and addressed. 
This gave the customer a higher level of precision in how it handles security than it had before.<\/p>\n<p>Deloitte also worked with a financial services client that had a similar visibility issue.<\/p>\n<p>\u201cIt is challenging for a lot of organizations to get a complete picture of what their assets are and what controls apply to those assets,\u201d Persaud says. He explains that Deloitte\u2019s identity solution assisted the customer in connecting users with the assets they utilized. As they discovered these assets, they were able to fine-tune the security controls that were applied to each in a more refined fashion.<\/p>\n<p>\u201cIf the system is going to [process] financial data and other private information, we need to put the right controls in place on the identity side,\u201d he says. \u201cWe\u2019ve been able to bring those two pieces together by correlating discovery of assets with discovery of identity and lining that up with controls from the IT asset management system.\u201d<\/p>\n<p>As a result, the users were able to more quickly integrate applications.<\/p>\n<h2 class=\"wp-block-heading\">How apexanalytix uses Microsoft Azure to manage identity security<\/h2>\n<p>\u201cIdentity protection is one of the critical controls for any organization in terms of protecting digital assets,\u201d Vishal Grover, CIO of supply chain management platform provider apexanalytix, says. \u201cBut it is important to maintain the balance between restriction and business requirements.\u201d<\/p>\n<p>Apexanalytix has used Microsoft products, such as Defender, for more than a decade. \u201cInitially, we were primarily using it for antivirus. Then advanced threat protection came into the picture. Then identity protection. 
We kept adding more controls and more validations to strengthen the entire security posture,\u201d he says.<\/p>\n<p>The company has been particularly concerned about the increased <a href=\"https:\/\/www.csoonline.com\/article\/518296\/what-is-iam-identity-and-access-management-explained.html\">identity risk<\/a> as it expands its international footprint \u2014 notably opening offices in Hong Kong in 2016 and Saudi Arabia in 2024. As the offices interact and employees travel to other locations, it is crucial that any access to its systems is verified as legitimate.<\/p>\n<p>Their security team has deployed Azure Active Directory (AAD) to verify geographical boundaries \u2014 the locations from which employees might reasonably be expected to access their systems. For example, if an employee based in the US who rarely travels attempts to log in from a remote location where they are unlikely to be, a red flag is immediately raised. Unless the user\u2019s physical presence in that location can be verified, their credentials have likely been compromised.<\/p>\n<p>\u201cFrom a user perspective, anytime someone is traveling outside of their base location, they need to reach out to the IT and security teams to list their specific location,\u201d Grover notes. The adoption of these policies requires reasonable adjustments to user behavior and company policy. But the rewards are substantial.<\/p>\n<p>\u201cIf you think from a broader risk management perspective, this has been fundamental to our security model,\u201d he says. The ability to simply track the locations of employees and assign risk accordingly is a significant advancement in risk monitoring for a company growing its international presence. 
The company looks out for instances of impossible travel: if an employee has entered the system in one location and then in another distant location that they could not possibly have reached during a specified period, an alert is raised.<\/p>\n<p>Security analysts also use the software to scan for risky sign-ins. If a user logs in from an IP that has been blacklisted, an alert is raised.<\/p>\n<p>They have increasingly relied on conditional access policies based on monitoring user behavior. If a user typically spends an average amount of time on certain applications and then radically changes their behavior, the activity is flagged and investigated.<\/p>\n<p>The company continues to evaluate its policies at least quarterly in order to ensure that they accord with its evolving business strategies. Grover feels confident that Azure\u2019s capabilities are up to the task but remains vigilant to new potential vulnerabilities that will need to be addressed.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Identifying and securing ownership of assets can be a challenging task. In addition to multifactor authentication, conditional and privileged access can help organizations to batten down the hatches. But introducing AI technologies often adds a nightmare of complexity. 
\u201cIt [using AI technologies] has been a huge challenge for organizations because policy management, compliance management and [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":6191,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-6190","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6190"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6190"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6190\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/6191"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6190"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6190"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6190"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}