The growth in technology and digitalisation of virtually all business sectors has transformed the way in which we all work, moving away from manual processes. New innovations continue to improve products and services at lightning pace.
While we enjoy the benefits technology brings, with great opportunity comes great risk. Bitkom, Germany’s Digital Association’s latest report from 5th August 2021 reveals a dramatic increase in cyber attacks between 2020 and 2021 for German Organisations. Bitkom calculated that cyber crime causes over 220 Billion Euros each year and is continually on the rise.
‘Extortion, system failures and operational disruptions more than quadrupled’
All organisations are at risk, a more alarming statistic that came out of the report is,
‘9 out of 10 companies have experienced a cyber attack within the last year’
The targets of cyber criminals are expanding rapidly, attacks on small and medium business are becoming more prevalent and complex as are attacks on public facing organisations such as schools, universities and healthcare.
The most popular methods used to gain unlawful access to companies have been:
- Social engineering targeting Home Office employees
- Malware, DDOS attacks and spoofing
- Ransomware attacks
All employees and customers with login credentials are at risk of cyber attacks, each set of credentials presents an opportunity to access protected resources. An overwhelming majority of cyber attacks are based on stolen and misused credentials. All passwords are susceptible to breach, theft, and attack attempts. Over 70% of organisations still rely on a password-centric authentication approach.
Resilience has become the new goal of the German economy. Companies are required to focus on complex Information Security tasks as well as performing their day jobs to the highest standard, remain economically viable and continue to deal with the pressure of the global pandemic.
Less well known is the fact that there is a distinct lack of security experts available for hire. Asking developers without a strong security background or inclination to perform security tasks can open up your organisation to risks, for example a technical misconfiguration can expose sensitive data or system access to the wrong people. Similarly, employees on the business side may not have the correct specialist skills and experience to implement a robust Identity and Access management plan.
With Okta’s Identity as a Cloud Platform, it’s possible to implement custom tailored security controls and solutions with low and no code options for Workforce, CIAM and B2B scenarios.
Multi factor authentication is one of the simplest ways to prevent the most common cyber attacks:
Okta reports that companies implementing MFA have reduced their risk of attack by up to 75%. Okta’s out the box MFA implementation allows you to choose from a wide range of factors that best suit your use case:
Okta also offers an advanced MFA product. You have the flexibility to apply different factors to different groups of users, based on different user behaviours, geo-locations, IP networks and more. Thus, creating your own risk-based authentication model.
Passwordless authentication is also on offer with this product. Passwords are more frequently becoming recognised as the main source of cyber attacks. Factor sequencing and email-based magic links are two of the top methods to implement this process. Factor sequencing deploys multiple MFA factors of your choice to replace a password entirely.
It's worth mentioning that users have the ability to enrol in and reset their MFA factors, saving time and resources on IT Helpdesk teams.
The traditional security controls implemented with the network perimeter are no longer valid in cloud and mobile environments. A new security landscape must be adopted by organisations. Okta’s Idaas Platform incorporates modern authentication protocols and offers Organisations a way to easily and transparently begin their Zero Trust strategy.
There are many more ways in which Okta can secure your organisation. For a free demo or chat based on your use-case, please send us an email at [email protected]