Securing Your Portal
The following tips are designed to assist you in securing your portals and protecting both your network and your customers
Amuleek Bijral
Enterprise and consumer portals are an integral part of the business infrastructure of organisations in many industries – including financial services, healthcare, telecommunications, and government – and enable customers to increase their direct participation in key business processes. However, accompanying this increased usage, are concerns about privacy, secure access management, fraud and the increased risk and cost of security breaches. The concerns are magnified as the external user population grows.
Portals, typically contain important information such as financial assets or health information, and are deployed to user populations where authenticating users and controlling access to resources are critical. The strategic importance of these portals heightens the need for organisations to implement security solutions that meet internal policies, address regulatory requirements and provide the right level of security to protect customer identities.
Too often, portals are not properly secured, thereby inviting unauthorised access to company networks by curiosity seekers or even worse, hackers and fraudsters. The following tips are designed to assist you in securing your portals and protecting both your network and your customers.
Strengthen Your Portal
When strengthening security, you can achieve more with your portal by ensuring that all users – whether employees, partners, suppliers or customers – have secure, convenient access, but only to the data and resources they need to perform their necessary tasks.
Centralise your access policy administration. By using secure Web access technology, you can manage and enforce your portal access, control policies centrally and cost-effectively based on end-user roles, risk level or dynamic attributes.
Know your customer. Secure portals begin at the initial customer enrolment phase. Make sure your customers are who they claim to be. Leverage knowledge-based authentication at initial enrolment to verify user identities.
Record each action. A log management capability will enable you to detect unauthorised activities in real-time and to ensure logged data is available for audits and investigations and properly stored over its entire lifecycle.
Simplify Customer Security
Traditional approaches to security are no longer sufficient as customers increasingly demand convenient network access. However, with the dramatic rise in online fraud and unauthorised access to enterprise networks and confidential information, customers also require that you provide the highest level of security protection for your network and their sensitive data.
Organisations require a solution that delivers strong portal authentication without hampering the customer’s experience or privacy. Increase ease of use for your customers by enabling access to multiple applications within your network with single sign-on (SSO), thereby eliminating the frustration of tracking multiple passwords.
Risk-based authentication delivers both strong security and convenience to customers. This allows for a convenient user experience by minimising the number of unnecessary challenges and lockouts.
Inspire Customer Confidence
Organisations that instill confidence in their customers by ensuring their personal and business information is safe, will clearly have a competitive edge. It has been proven that providing secure online access increases brand loyalty and the number of transactions that customers will conduct online.
Organisations should also proactively educate customers about the security measures and why they have been implemented through various online and offline marketing vehicles.
In addition, by deploying a security solution that provides customers with site-to-user authentication, you are assuring them that they have gained access to your legitimate site, and not a fraudulent site designed to capture their credentials for the purpose of committing fraud at some future date.
The resulting sense of security will boost customer confidence without compromising the user experience, and your organisation can experience a significant increase in portal adoption and customer satisfaction.
The author is Country Manager, India & SAARC, RSA,
The Security Division of EMC