Identity theft: how to protect against it within companies?

Identity theft, which affects individuals in both personal and professional situations, is a threat whose impact grows as digital technology takes a larger place in our lives. Although identity theft was not born with information technology, IT has contributed to its expansion: on the one hand, more and more administrative procedures are carried out online, and on the other hand, our personal exchanges and confidential data are often poorly protected. Nevertheless, there are ways to protect against it, especially for companies, for which the impact of someone impersonating an important person in the organization is potentially devastating. In addition to accessing confidential information, the illegitimate user can, in some cases, carry out actions that are harmful to the information system and therefore to the entire company.

Strong authentication as a prerequisite

When it comes to protecting against identity theft, strong authentication is often a prerequisite for companies. It consists of identifying users on their workstations via at least two distinct identification factors, such as a password and a fingerprint, or a PIN code and a smart card.

If a simple password is not enough, linking it to a second authentication factor (“what you are” such as a fingerprint or “what you have” such as a smart card) drastically reduces the risk of identity theft when the legitimate users are not already logged into their workstations.

Strong authentication is therefore essential, but it does not protect against all risks of identity theft. What if the illegitimate user takes possession of the workstation after the legitimate user has logged in and stepped away for a moment without locking the session? Or what if the illegitimate user has managed, despite the strong authentication mechanism, to unlock the session? Even if it is indeed more difficult to steal a password and a smart card at the same time, it is still possible, via social engineering techniques or when dealing with an experienced hacker.

Zero Trust Network Access (ZTNA) to limit the attack surface

If identity theft is still possible, the objective for companies is to limit the attack surface. This can be done by using a ZTNA solution to access corporate resources. ZTNA makes it possible to implement the principle of least privilege by limiting the user’s rights and authorizations to only those applications and data that are necessary for the user’s tasks. Thus, any compromise resulting from identity theft can only affect the resources accessible to the user whose identity has been stolen.

Continuous authentication to stop identity theft for good

While strong authentication limits the probability of identity theft and ZTNA limits the attack surface when it occurs, identity theft remains possible (even if the risks are drastically reduced). To address these remaining risks and stop identity theft, deploying a continuous authentication mechanism, that is, a permanent authentication of users based on their behavior on their workstations, is proving to be the most effective solution. Continuous authentication makes it possible to eliminate any attempt at identity theft, even when the illegitimate user is already connected to the legitimate user’s session and even if they have all the codes and other means of access in their possession. Since continuous authentication is based on behavioral biometrics (a set of techniques that identify a person based on their behavior), it is impossible for an illegitimate user to identically reproduce the behavior of the legitimate user (the way he or she uses the mouse or types on the keyboard). Any identity theft in a session protected by a continuous authentication mechanism will lead to an automatic logout.

With Systancia Access providing strong authentication, Systancia Gate limiting the attack surface and Systancia Cleanroom, a PAM (Privileged Access Management) solution integrating continuous authentication mechanisms for privileged users, the Systancia suite allows companies to counter identity theft attempts and thus increase their resilience against increasingly heterogeneous threats.
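The behavior-based check described above can be illustrated with keystroke timing. This added example is not Systancia's code or algorithm: it assumes a per-user profile of flight times between key pairs, a median deviation score over a sliding window, and a lock after consecutive suspicious windows. All names, thresholds and timing data are constructed for illustration.

```python
from collections import deque
from statistics import mean, median, stdev

# Constructed enrolment data: flight times in ms between two keys (digraphs).
ENROLMENT = {
    "th": [88, 92, 95, 85, 90], "he": [108, 112, 115, 105, 110],
    "in": [128, 135, 125, 130, 132], "er": [98, 102, 105, 95, 100],
}
STD_FLOOR = 5.0   # assumed floor so a very regular typist is not over-fitted
WINDOW = 4        # keystrokes per scoring window (hypothetical tuning)
THRESHOLD = 3.0   # median deviation, in standard deviations, deemed suspicious
STRIKES = 2       # consecutive suspicious windows before the session is locked

def build_profile(samples):
    """Per-digraph (mean, std) baseline for the legitimate user."""
    return {d: (mean(v), max(stdev(v), STD_FLOOR)) for d, v in samples.items()}

def monitor(profile, events):
    """Return the index of the event that triggers a lock, or None."""
    recent = deque(maxlen=WINDOW)
    strikes = 0
    for i, (digraph, ms) in enumerate(events):
        if digraph not in profile:
            continue  # no baseline for this key pair: do not score it
        mu, sigma = profile[digraph]
        recent.append(abs(ms - mu) / sigma)
        if len(recent) < WINDOW:
            continue
        # The median tolerates one hesitation; a sustained shift does not pass.
        strikes = strikes + 1 if median(recent) > THRESHOLD else 0
        if strikes >= STRIKES:
            return i
    return None

PROFILE = build_profile(ENROLMENT)
# Constructed live session: the legitimate user types, then leaves the
# workstation unlocked and someone else continues in the same session.
LEGIT = [("th", 91), ("he", 107), ("in", 133), ("er", 99),
         ("th", 87), ("he", 113), ("in", 128), ("er", 103)]
IMPOSTOR = [("th", 150), ("he", 170), ("in", 75), ("er", 160),
            ("th", 145), ("he", 60), ("in", 190), ("er", 155)]

if __name__ == "__main__":
    print("lock at event:", monitor(PROFILE, LEGIT + IMPOSTOR))
    print("legitimate only:", monitor(PROFILE, LEGIT))
```

In practice the window size and thresholds trade detection delay against false lockouts, so they have to be tuned on real enrolment data.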