Technology Record - Issue 32: Spring 2024

56 INTERVIEW Accessing quality security Joseph Carson shares how Delinea is helping organisations adopt privileged access management and enable a dynamic security landscape The majority of organisations today are dependent on cloud infrastructure, according to Joseph Carson, chief security scientist and advisory chief information security officer at Delinea. However, many organisations try to retrofit their existing on-premises security systems to their new cloud environment during the digital transformation process, which can cause a variety of issues. “It creates a higher risk because the existing security controls don’t typically work well in cloud environments,” says Carson. “They don’t give the same protection and because those organisations are working across a mostly hybrid cloud environment, they provide less visibility, resulting in a scattered security system.” Many organisations also rely solely on passwords and multi-factor authentication for security, but this can present further risks. “Employees often reuse passwords across multiple accounts,” explains Carson. “When you’re leaving employees to make these security decisions, you’re leaving your organisation open. Attackers are looking for this initial access and once they gain it, it becomes a free-for-all.” To combat this, Carson recommends that organisations integrate identity and access management into their cybersecurity stack. This is where Delinea can help. Delinea provides end-to-end privileged access management (PAM) solutions that focus on authentication and authorisation by making users prove their identity before allowing them access to assets. “If you’re an administrator and you need to log into a different cloud environment you will have to provide different methods of authentication depending on the type of application you’re accessing,” says Carson. “If it’s a system containing sensitive data, then you might need to do multi-factor authentication, or even have peer verification. This is then maintained for the duration of the session to ensure that your session hasn’t been stolen. “This is also beneficial for users, as rather than having multiple credentials and passwords for each environment they use, it becomes a single sign-on approach.” Delinea’s solutions apply the principle of least privilege, which is the foundation of a zero-trust approach. “The phrase ‘zero trust’ can have negative connotations as people don’t want to hear that they aren’t trusted,” says Carson. “However, we see it as zero-assumption and building trust. We’re assuming that security is not being met, and we’re offering a way that ensures your security solution is able to run in the BY AMBER HICKMAN Delinea helped the State of Michigan to implement PAM whilst complying with federal regulations Photo: The State of Michigan