Efficient identity management can help protect against advanced persistent threats (APTs).
Speaking to SC Magazine, Lieberman Software CEO Phil Lieberman said that the challenge for administrators of millions of users is that there is little in the way of off the shelf software to manage thousands of users, and to do manual management is impossible.
He said: "How many certificates and passwords are there, millions on thousands of machines? No one has made that software so they try to write it themselves. Identity management is a point solution for remediation for scale. There are users at this scale, but if it is not automated it cannot be done.”
Lieberman said that there is a problem of a lack of security and a lack of process and while there was not a lot of demand in the past, there are nation-state attacks and attackers having better tools requires automation. So if identity management is not automated in terms of understanding information then everyone is a target.
“In the scenario of cyber war, you want every account and API to be limited in time and scope so every credential changes every couple of days. So every hash changes and we see companies acknowledge the scope of the damage; without automation how do you know what is happening? With automation you can be in constant rotation.”
Lieberman said that a company with 40,000 users will never be fully protected from spear phishing, so efforts will be made on detecting and minimising the damage. “Every identity is a physical paradigm, and every user has got something and the shift is what you do and how far you go,” he said.
“You cannot hire enough people to do this and there is not the software for it. I am not about spreading fear, I feel I have to say what is going on and if you know the methodology and what your users do, it needs to be managed and there are few tools available to solve the problem.”
He concluded by saying that automating identity only requires a few lines of code but it can cause major benefits for scale.