Ransomware Prevention with Okta
Author: Grace Dolby
Release Date: 17/10/2022
Ransomware, a type of malicious software that seeks to block access to your own files and data by holding them to ransom unless a fee is paid.
‘Ransomware is now responsible for 10% of breaches, and have doubled in number from 2020 to 2021, with approximately 37% of all businesses reporting they were hit with a ransomware attack in the same year’.
Most Recent Post:
Ransomware has now taken many different forms, from Supply Chain Attacks like the Kaseya VSA attack, which affected at least 1500 of its customers, to Ransomware as a Service allowing anyone and everyone to attack a business with pre-built code to pay and launch in minutes. Over 130 different ransomware strains have been detected since 2020, focussing on Education, Retail, and Professional and Legal services organisations as their key targets– which means there is no question that most businesses should now expect to be targeted with a potential attack.
Most security leaders we speak to are looking to evolve their security strategy beyond the traditional perimeter model, as our workforce is more disparate and many are working from home or on the road, meaning that trusting anyone inside a particular network is almost impossible, and for businesses who do enforce it find it is counterproductive for their workforce. Authentication with traditional integrations allows a user to access a resource often with the end user knowing their password, and with little control or visibility for any security personnel or administrator. With BYOD becoming the norm and users wanting to access applications from any device if required, contextual information such as device type, location, user behaviour and time of day can be used to understand if that authentication should be concerning or not. Yet, most authentication services that we traditionally use do not support this kind of contextual data for additional security factors or denial of access.
With Okta, Device Context checks the context of every authentication for every user constantly, which can either prompt for additional security measures such as Multi Factor Authentication, security questions or even a hard token. With a single ‘pane of glass’ view for each of your users; with their application, server, API, and end user accounts under a single user profile. This allows easy integration into best of breed apps that organisations may already have or want to adopt in the future, with one easy to access location for your workforce, customers or partners. By automating joiner, mover and leaver processes we can save hours of administrative burden and ensure that security policies, correct licensing and permission levels are set from the day one of user onboarding.
Vinted, a quickly growing online marketplace for buying, selling or exchanging new or secondhand items needed a platform that could automate manual tasks to improve their security posture without creating any friction for its users. Okta was able to provide integrations for 95% of their apps out of the box, meaning they onboarded thousands of users in a matter of days. Thanks to Universal Directory, the teams were able to discover and remove a huge amount of shadow IT such as duplicate licensing.
Similarly, Gatwick Airport is a rapidly growing organisation where over half of the staff work in operations such as security, on the airfield or in the terminals. The only access to internet was from one or two internet cafes, and the workforce would have to take time away from their day to day responsibilities to answer emails, intranet access or even communicate in real-time with other staff members. Since deploying Okta, the teams can easily access business applications from many different devices across the entire airport, with zero downtime in over 4 years, and a huge one million pounds saved annually in shadow IT and improved productivity.