Preempt Blog

The latest insights and advice to keep your company protected from insider threats and breaches

Miami Loves Identity Security

In companies where remote access capabilities have not been established or expanded yet, IT security leaders are working out short-term solutions to manage the surge. Some of them might include requirements such as access to communication tools, file sharing, enterprise applications like ERP and CRM. By understanding what use cases matter the most to your business, you can deploy a solution that ensures secure access, and grants the required level of security and capability to immediately fulfill employee needs.

What motivates Fortune 100 companies executives to spend a weekend in Miami with Preempt?  Sorry, not South Beach, but rather “identity security.” Yes, really.

In early March, Preempt conducted a customer advisory board meeting with 12 key customers that spanned all verticals such as finance, healthcare, retail, and manufacturing.  The intent was to solicit key trends and drivers for these technology executives, to help drive strategic direction for Preempt.  In this post, I wanted to share some of the key insights as our customers reflect a broad industry trend – an increased priority in solving identity-centric security issues.  Many of which apply to a post-COVID -19 world.

Trend 1:  Identity and Access Management projects/teams are increasingly rolling up under the CISO/security teams.  50% of our customers already have IAM in security, and 20% of the remaining customers are looking at this structure. This is interesting, as a security view of identity can yield ROI and lower risk with security use cases in mind. The Preempt Platform provides use cases for both IAM and Security.

Trend 2: Hybrid is messy. Hybrid clouds – driven by digital transformation – see multiple cloud providers and identity provides/identity stores. Customers were struggling with keeping the ability for standard, uniform visibility, and control across all environments. Hybrid also meant taking into account legacy systems, on-premises, branch offices, and multi-cloud vendors. And interestingly, the executives said they in fact do not want to sole source their cloud transformation, so hybrid was a given.  The Preempt Platform leverages a policy-based approach to make it easy to have a consistent policy across clouds and identity stores.

Trend 3: Get more value. Time to value for security purchases is critical in any environment. What customers told us was that getting additional value with new use cases is becoming even more important. For example, a customer may have purchased the Preempt Platform for finding advanced security threats not easily found via log-based/SIEM solutions (for example, Pass the hash (PtH), golden ticket, etc.).  The customer then wanted to use the Preempt software to reduce false positives from, say, new remote access users that would result in calls to the help desk or force a security analyst to have to investigate. And yes, Preempt can do that.

Trend 4: User friction is a big thing.  Nearly everyone at the meeting indicated that user friction was a key issue for them.  User friction is the idea of how often IT forces users to challenge multiple times or use specific portals or workflows to authenticate themselves.  With policy-based, conditional multi-factor challenges, it is easy to leverage the Preempt Platform to lower user friction, enforce PAM product usage, or deploy a combination of scenarios.

Preempt is grateful for the participation and support we received not only during this event but from all of our customer advocates.

You can learn more best practices from these customer resources:

  • Solenis CISO, Adrian Giboi speaks on a webinar on how to reduce user friction with PAM
  • SSC Intralinks CISO, Anjan Bagchee speaks on a webinar on applying for Conditional Access
  • And, on our website, read and see from more customers.
  • Also, you can see detailed reviews from other customers on Gartner Peer Insights.
  • Finally, check out our detailed case study format webinar highlighting how a Fortune 50 company took 10,000’s of employees remote with appropriate security – fast.
Topics: Identity and Access Management,

Posted by Kapil Raina on April 7, 2020 4:11 PM

Product

Brute Force Attacks: Denying the Attacker, Not the User

According tohaveIbeenpwned.com, close to 8 billion accounts have been compromised...

Read More

Developer

What State-Sponsored Attacks Can Teach Us About Conditional Access

People often think that state-sponsored attacks from groups like Lazarus...

Read More

Events

A Simplified Approach to Network Segmentation

Network segmentation has long been one of the most valuable tools for protecting ...

Read More

Research

10 Things You Need to Know About Kerberos

As our research team continues to find vulnerabilities in Microsoft that bypass all major

Read More

Product

Brute Force Attacks: Denying the Attacker, Not the User

According tohaveIbeenpwned.com, close to 8 billion accounts have been compromised...

Read More