ISACA and ISOG: Key Takeaways from Two Major online IT conclaves

ARCON created quite a buzz in a couple of back to back virtual global events recently. The keynote sessions by Mr. Anil Bhandari, the Chief Mentor of ARCON, on both the occasions added immense value to the knowledge-sharing and learning platforms. Here is a brief account of the sessions.

On 29th July 2020, ARCON shared the views on “2025: A Watershed year in Information Security” through the voice of Mr. Bhandari in ISOG (Information Security Officers’ Group) event, Philippines. While Philippines is holding the fifth position on the list of cyber-attacks (as per BusinessWorld report), this virtual event hammered on the awareness of modern IT security solutions in entire south-east Asia. With the IT environments changing rapidly in the region, cyber incidents are also rising exponentially. Virtual ISOG, in this juncture, fueled the security preparedness where ARCON extended its helping hand with the exclusive inputs for a secure modern IT infrastructure. Needless to say, hundreds of attendees warmed up their seats to acquire relevant inputs from this session.

Privileged Access Management – An Overview

Key Takeaways from ISOG

• Huge transformation of digital habits globally due to the ongoing pandemic. A few industries consider this to be the worst phase of business whereas many take this phase as a ‘business opportunity’. Common users have started to fulfill their common needs through digital means where education (different learning apps) or daily essentials (people bound to order online) are not spared. It resulted in a whopping rise in the usage of apps and portals and thereby generating revenues.
• More number of users going digital means more amount of data generation. The huge amount of data generated through day-to-day IT operations invariably requires the most stringent cybersecurity solutions to prevent any kind of malicious element to affect data sanctity of the enterprise.

• How multiple organizations (with examples from different industries) adopted a change of business strategies, IT security policies, incorporation of new technologies to cope up with the ‘new normal’ trends.

On 4th August 2020, ARCON added value to another speaking podium, thanks to Mr. Bhandari again, with his views on “Positioning Privileged Access Management in the Problem Space: Why is it required?” at ISACA (Information Systems Audit & Control Association) South Africa Virtual Conference. The South Africa chapter of ISACA is the largest chapter of the Africa region covering Cape Town, Johannesburg, Pretoria and Durban. Incidentally, South Africa has observed a steep rise of 22% more cyber incidents in the last six months. This gives a clear indication that malicious actors are eyeing on the organizations of this region for lucrative data assets. At this juncture, virtual ISACA offered a much-needed reiteration of IT security awareness among nation-wide enterprises to be acquainted with risk-free IT operations. Hundreds of business leaders in Information Technology, cybersecurity, governance, risk and innovation attended this keynote session.

Key Takeaways from ISACA
This entire session revolved around the importance of ARCON | Privileged Access Management (PAM) and the technological understanding of the USPs of the solution. The below facets were discussed:

• General introduction of ARCON with business history and corporate values. ARCON is ceaselessly working on the focus of Predict | Protect | Prevent since its inception and how it has created a demand for risk-predictive solutions in every corner of the globe, especially in the last few quarters.

• Taking through the flagship solutions of ARCON namely Privileged Access Management (PAM), User Behaviour Analytics (UBA) and Secure Compliance Management (SCM) which are driving the security trend towards predictive analytics of user behaviour rather than just device-centric security.

• Today organizations are making huge investments on advanced technologies based on AI and ML. However, paying scant attention towards IT security aspects after adopting these technologies might drive organizations to face hefty penalties, thanks to the global regulatory bodies. ARCON | PAM complies with all standard regulatory requirements across the world including EU GDPR, HIPAA, PCI- DSS, SOX, ISO 2700.

• ARCON | PAM offers an array of features that includes Granular level access control, Single Sign-On, Multi-factor Authentication, Password Vault, Just-In-Time Privilege, PEDM (Privilege Elevation & Delegation Management), Session Monitoring, Audit trails, Virtual Grouping, Live Dashboard, Customized reporting with Text & Video logs. These help the organizations to ensure seamless IT operation with zero downtime and no cyber incident.

• Single Sign-On is a must for the modern IT environment since the Admin IDs, Root IDs, SA IDs are completely distributed and shared including the passwords. These critical IDs have the rights to create, delete, undo and redo activities including the logs which means these IDs can siphon off anything that could lead to downtime. This necessitates the worth of SSO with single-window access.

• A robust Access Control mechanism where “need-to-know” and “need-to-do” basis access is given utmost priority. The access to the users can be restricted role-wise, day-wise, time-wise or even single-time access which removes the chances of malicious activities in the network. Even elevated rights given to any specific user for a specific task are revoked immediately after the task is accomplished. That’s how “always-on” privileged rights are avoided and security is restored round the clock.

• A detailed session log in video and text format offers a seamless vigilance over the user activities and any kind of deviation from the baseline activities is intimated immediately to the super admin.

• A robust Password Control rotates and randomizes passwords frequently for all devices and for all IDs. This engine creates a centralized secure repository of passwords for multiple systems so that no password can be duplicated under any circumstance. Privilege password vaulting assists the IT administrators to adopt a robust privileged access management practice.

• ARCON offers an outcome-based model where a secured virtual access is offered for on-prem, in-cloud and hybrid data centers. This feature has moved a step ahead with the on-going demand for remote access scenarios where the day-to-day IT operations in multiple levels are happening remotely. ARCON | PAM creates a security shield there as well.

• ARCON envisages comprehensive security under one roof with all the three solutions and protects the organizations from targeted attacks and zero-day threats.

The geography of Africa and APAC has always been promising and lucrative in terms of business opportunity. The global pandemic has changed the entire scenario of IT security. The demand for IT security has created a new realm in the world of digital transformation. Most of the organizations emphasize the awareness of modern IT security and thus, the importance of Privileged Access Management (PAM) is rising rapidly. ARCON received overwhelming responses from both the sessions and it is looking forward to participate in the next phase.

ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.