Steve provides research, analysis, insight and commentary on topical issues and events.
He lives in New Zealand and has been working at FastTrack Software for 10 years as a cyber security analyst and technical writer.
Deadline Approaching? Stay Cool
Deadline Approaching? Stay Cool
We all know the familiar signs that indicate a rapidly approaching deadline: worry, stress, relentless pressure, a sense of urgency, late nights at the office, sending Jan’s emails to Jim, wearing the same shirt to loud-shirt-Friday two weeks in a row and snapping at the intern for only putting three sugars in your sixth coffee of the morning.
It’s a slippery slope when there is much to be done and only so much time to do it, and a lot can go wrong (like a spilt coffee, for one).
The EMV Liability Shift Deadline: A Lost Cause
This dire situation is the reality for many petroleum companies in the United States currently striving to make the impending EMV liability shift deadline which, despite the uncertainty in the air due to the Covid-19 global pandemic, is set to go ahead on October 1st.
Europay, MasterCard and Visa make the acronym EMV; however, the term is now a recognised way to refer to any card with a chip. The liability shift pertains to the shifting of culpability from the card issuer to the merchant when card fraud takes place.
Hacking a card with only a magnetic stripe is notoriously easy due to the coded data on the ‘stripe’ never changing, whereas new data is created with every transaction on a chipped card with EMV technology. Under the status quo, card issuers cover the cost of credit card fraud. With the liability shift, any non-compliant merchants will now be held responsible.
The original shift deadline for gas stations was October 1st 2017 (two years later than the October 1st 2015 deadline set for all other merchants) but was further extended due to smaller businesses struggling to make the required changes on time. Three years on, the situation isn’t looking much better.
Many companies feel the challenges they face in becoming compliant outweigh the benefits of EMV technology. These challenges include the sheer cost of the transition, the availability of the necessary software and hardware, and the lack of technicians qualified to do the job. Folk Oil Vice President Jim Linton stressed in a panel discussion late last year that implementing the new systems could take a minimum of six months, and every job has its share of complications during the process (heaven help them if their coffee machine breaks down).
So, for many businesses, the EMV liability deadline (now less than five months away) is looking like something of a lost cause. Those who don’t make it will most likely suffer an increase in fraudulent attacks that they (as the merchant) are liable for, as hackers migrate to areas where EMV technology has not been adopted. Many will likely come to regret not putting up the money and obtaining the necessary resources to help them meet the deadline on time.
On the Grind
When the pressure is on due to a swiftly approaching deadline, tasks can be passed to the wrong people who may not have access to the right resources. Mistakes can be made; corners can be cut, and details can be overlooked in the mad rush to get everything done. With deadline pressure instilling a ‘let’s cross that bridge when we come to it’ mentality, employees can be inclined to install programs and access resources that make their jobs (and lives) easier, leaving gaping security holes and safety protocols forgotten on the back shelf, gathering dust.
The EMV shift might spell disaster for many US companies, but no business, big or small, can escape the fact-of-life that is deadlines.
A vital tool to help ease the deadline burden is one that can manage the masses: ensuring the right people have access to the right resources, and that security remains tantamount to productivity.
Privileged Access Management (PAM) is that tool. But there’s a catch: not all PAM solutions can keep up with deadline pressure.
First Impressions Really Do Count
Gartner’s 2018 ‘Magic Quadrant’ Report referred to PAM as “one of the most critical security controls”, which, two years on, stands to be truer than ever with increasingly convoluted malware making the rounds and progressively complex IT environments in the workplace.
Gartner also takes into account that PAM solutions likely to be circumvented are those that are difficult to implement and operate, meaning the (sometimes costly) security investment could simply end up being left unused, particularly if users are already struggling with the pressure of an upcoming deadline. Think of it this way: taking the first sip of a burnt coffee is always an unpleasant experience. Solution? Take your business to a shop where that very first sip is pure bliss.
Three of the four lowest reviews on Consumer Affairs
for Thycotic PAM solution cite deployment difficulties and delay in installation as reasons for their sub four-star rating.
Cyberark’s Why Cyberark page fails to list ease of use as a top selling point.
BeyondTrust has over 20,000 customers; sure - they’re popular. But you end up being just one of the many - and attempting to navigate the BeyondTrust PAM solution as ‘one of the many’ has proved to be a difficult task for some. Numerous critical reviews of BeyondTrust software report difficulty accessing technical support, with the service & support category frequently receiving 2 out of 5 stars. Gartner’s ‘Most Helpful Critical Product Review’ of BeyondTrust’s PAM solution, dated March 2020, puts deployment time at 9 to 12 months for a company of 30,000+ end points. The review rates availability of resources a sub-par 2 out of 5, and ease of integration and ease of deployment 3 out of 5. Several other critical Gartner reviewers agree, one stating “connecting to multiple user endpoints was cumbersome and slow”, and rating integration and deployment 2 out of 5.
Ease of deployment and implementation suffers poor ratings both on Gartner Peer Insights and other review sites, with one G2 review
commenting on the interface being confusing to work with and as a user, needing educating on how to use it. Another cites productivity being hampered due to the "strict rules" of the security software unnecessarily preventing installs, pointing out that as a new user you need to ensure you communicate well with all departments using the software and "take your time" to avoid these unnecessary hitches.
An impending deadline doesn’t allow for "taking your time" or 2 out of 5 stars in deployment and implementation.
The Better Choice: Admin By Request
FastTrack Software’s Admin By Request is the fastest growing PAM solution in the world largely due to how easy it is to deploy, manage and maintain.
As the parent company’s name suggests, Admin By Request’s biggest strength over similar software solutions lies in speed of implementation. Admin By Request provides quick and direct access security, with deployment taking mere minutes and causing minimal interruptions for users. Once deployed, users can still install the programs they need to make deadlines without having to wait on the flustered IT tech to do a remote install in between coffees number eight and nine.
Admin By Request provides PAM to organisations in fast-developing sectors that rely on a solution that can keep up with their continual deadlines; the technology industry, infrastructure, consumer goods and automotive manufacturers to name a few. A well-known tech company was recently forced to make the better choice when they were unable to implement BeyondTrust in a timely enough manner to meet their own deadlines.
Continually updating and maintaining whitelists are no longer a concern with Admin By Request, which provides four ways to get local admin rights elevation (meaning everyone has the right access to what they need when that deadline springs up out of nowhere). See how elevation works here: Local Admin Rights Elevation, Served Three Ways!
Those security holes are closed (phew) and the protocols that get shelved during the deadline-rush are back up and running thanks to Admin By Request’s partnership with Opswat MetaDefender
. Every file download gets scanned in real-time by over 35+ anti-malware engines, meaning every user install is completely safe. File execution runs in a sandbox environment, further eliminating the chances for any bumps and hitches along the deadline road.
Admin By Request’s ‘Learning Mode’ offers a gentle approach to implementing this solution. Restrictions can be set to minimal, but activity is logged, meaning productivity during deadline-time can be monitored and nudged onto the right track if need be. After learning mode, the necessary steps can be taken to ensure secure access with no hampering the workflow or revolt from unhappy users
Adding to ease of use, Admin By Request uncomplicates complicated times with a user-friendly mobile app compatible with both Android and IOS. Real-time push notifications mean installs can be approved (if you require approval
– installs can also simply require a reason to be specified) on the fly between (you guessed it) coffee runs.
Speaking of which, it’s about that time!
We all have deadlines to meet, some small (having a coffee ready before the 6am Zoom call) and some big (a moment of silence for those stuck in the EMV liability shift fiasco).
But while deadlines may be a lost cause for some businesses: they don’t have to be for yours.