All right, folks greetings all here. I am dialed in remote, halfway across the world. And yet I can sense the excitement and energy in the room on this first day of the conference here.
And, you know, while being remote, it's become a way of our life. Hasn't it, the way we conduct business, the way we interact. And for that matter, the way we attend conference and deliver keynote speeches, it's also become a way of life for the hackers. Identity is surfacing as a new battleground and as a key cybersecurity exposure gap.
Now here, you can see some very clear examples of organizations that were impacted by credential based acts, including the colonial pipeline, solar winds, the us office of personal management that have all made headlines in the past few years. Why?
Well, 63% of data breaches are caused, of course, often inadvertently by internal staff organizations.
Aren't doing enough to protect their credentials, which is why credential related attacks have increased by more than 50%. And nearly half of all our users have more privilege than his or her job requires is, and further compounding the problem.
You know, the way organizations manage identities is quickly become out, becoming outdated. Now, if you look at a, a typical large enterprise, they have 25 different systems to manage access rights. This approached worked well when there was less complexity in the enterprise, but as we add complexity, a disjointed approach now constraints, visibility, and makes it harder to get a complete picture causing gaps, inconsistencies, and even more risks.
Ladies and gentlemen, I'm rebar vice president of products here at one identity.
And I'm thrilled to be speaking here at the European identity conference, 2021 to discuss the topic cloud without compromise. And in the next 20 minutes, let's, let's talk about what tools businesses should use and should look for in an identity centric, security to mitigate modern risks.
You know, Martin, you, you pointed out rightly you know, honestly, I could speak on this topic for hours, but let's time box it for this session. We will discuss it as it relates to governance and privilege access management.
Now in talking to most of the CSOs and the CIOs, these three have emerged as primary focus for them in today's environment. So let's talk about them. I'd like to understand if your governance and your privilege access strategies can provide adequate protection against the modern cloud infrastructure threats.
Let's understand what are these modern threats that I speak of and what do you really need to do to combat then number two, I'd like to talk to you and understand how you're enabling secure privilege access for remote users. See the reality folks here I am dialed in remote. So what tools and strategies are you considering last, but not the least governance and administration and privileged access management are merging for a complete, to be a complete unified identity security. And if that is so, how are you adjusting your security tactics and strategies to prepare for the same?
All right, so let's get started. Let's start with understanding if your, your governance administration and your privilege access strategies is keeping with modern threats.
You know, adoption of public cloud services is growing rapidly. As more organizations are prioritizing digital business initiatives, but let's look at some of the growing concerns these organizations are facing today with more adoption comes associated, increased risks due to the concentration of workloads in the public cloud.
And as a number of identities and entitlements increases, organizations are finding it increasingly difficult to accurately manage these entitlements as evidenced by the rise in cloud outages, due to customer misconfigurations also organizations often rely on scripts and tedious manual configurations that are susceptible to errors and do not provide a visual way to a more easily detect and allow them more easily detect unnecessary access. This is exponentially complicated. As more organizations are, are adopting a multi-cloud strategy.
Of course, all cloud infrastructure users are super users with privilege access to resources, service, and management entitlements that if used inappropriately folks, it could cause considerable disruption to the business among all cloud models. Infrastructure is a service is a model for which most access responsibility falls on the client organization. This is a hard fact. We all have to realize. So for all, the reasons mentioned about there is an increased risk that attackers will exploit these misconfigurations as evidence by the recent data breaches.
In fact, it is predicted that 75% of security failures will resolve from inadequate management of identities, accesses, and privileges.
Now, traditionally organizations have used identity governance and administration and your privilege access management tools to manage and secure privilege AC access across organizations. It infrastructure, these tools were targeted to manage native accounts such as your operating system, database application accounts and entitlements within your data center infrastructure.
What organizations need is a set of tools to ensure that the privilege accounts and entitlements across the cloud infrastructure are consistently managed and assign following the principle of least privilege administrative access to the cloud infrastructure must also be properly monitored, controlled, and protected. At one identity, we have taken novel approach to helping organizations protect their cloud infrastructure from excessive permissions. We treat all cloud infrastructure accesses as privilege access.
The main objective is to embrace privilege access management principles of least privileged approach to the cloud entitlements. And that's reduced the longstanding privileges and introduce just in time privileged capabilities.
Next we cloud infrastructure credentials as part of enterprise, your IGA processes by using your, the capabilities to extend the identity redefined access certification access request to clouds.
Of course, customers have options to go with standalone tools, but our approach helps to avoid redundancy. And in turn provides a single pane of glass for security, security, and management of extending the principles of IG and Pam to the cloud.
Finally, as organizations are adopting multi-cloud platforms, they require tools to offer the same at one identity. Let me just, okay. Let's not change our focus from cloud infrastructure and threat related to the cloud to, or how are organizations trying to keep check from the remote workforce?
Now, the question to ask here is, is your business coping up with providing secure privilege access for everywhere enterprise? Now, clearly COVID 19 crisis has accelerated right shift towards remote workforce workforce around the world are told they can no longer work from their offices and their everybody's working from home.
Now in an instant, the traditional office environment has transformed to an everywhere enterprise.
You know, the COVID 19 pandemic has escalated the requirement for properly managed remote privilege, access to critical systems, external it workers now need privilege access to corporate resources, organizations of all sizes, third party contractors, vendors, technicians in the like they wanna carry out remote privilege access, admittedly, lack of proper security controls and use of personal endpoints, which might not be compliant, have led to increase in cybersecurity. Fishing continues to be hand in hand and has led to 25% of the breaches. So this is a problem folks.
And the question is, how do you mitigate this? Now? Most VPN based solutions themselves are unable to provide that granular access and take all or nothing. Approach organizations are shifting access to ZT and a zero trust network access. But these tools do not provide the monitoring and the security controls for privilege access in this situation P continues to be one of the top security controls implemented by the organizations.
One identity safeguard remote access is a cloud based agentless, VPN three privilege access solution. Now it's one with its next generation P technology.
This remote access tool leverages the HDML five client protocols and cloud ad to connect to your remote admins and other resources safely and securely regardless of the user system or this resources they're trying to access the connection. Logistics are all handled in the cloud. And guess what? All this comes with the goodness of session, recording session, archiving session monitoring, session analytics, and more finally folks, I like to bring home this session, this today's conversations, the importance of a unified identity and security strategy.
Now pictured here.
This is an emerging model that is unified, right identities at the center. People application and data are all aligned as one. Now this allows you to verify everything in contrast to the old ways of doing things. This new identity centric model allows you to one hardened privilege instead of hardening the endpoints, ensure all identities are correlated and visible, remove friction with better integration, manage identity consistently and better and more quickly add, remove, and adjust privilege just in time.
This folks is the unified identity security strategy that many are adopting at one identity. Our unified identity security approach is again, highly differentiated. We allow customers to correlate everything across their multi-generational ID landscape. We enable customers verify everything, which then allows them to answer the hard questions like who has access to what and why I approach is dynamic. Meaning that customers can evolve their infrastructure and threat as the threat landscape changes.
So it's important to underscore that as at that at one identity, we pride ourselves as a vendor to deliver on all these important items. And with that folks, I hope you enjoy today's session as much as I enjoyed delivering it to you. I thank you all for your time. And if you have any questions, you know where to reach me with that, have a great rest of the day and Martin, back to you.
