Why Identity Management is the new perimeter

By Paul Moore, CTO, Centrify.


Another day, another major security breach.


At the time of going to press, the high-profile hacking of celebrity private photos had been occupying the front pages of the mainstream media for several days and, as a result, was shining a spotlight yet again on cloud security.


Prior to this, eBay suffered a crippling cyber attack that compromised its main database, forcing all users to change their passwords. Elsewhere, AOL confirmed a significant security incident involving unauthorised access to the company’s network and systems. It seems never-ending, and the chances are that by the time you read this article another breach will be hitting the headlines and causing concern about privacy and security.


When even the most powerful Internet companies are vulnerable, it’s time to ask if traditional security measures—such as antivirus software, passwords, VPNs and firewalls—are still capable of doing the job.


Unfortunately, the answer seems to be a resounding ‘no’.


This is not surprising given the increasingly nebulous nature of the corporate data centre.


The data centre has expanded to include cloud and mobile environments, with many employees accessing work-related services and data on their own devices. Bring Your Own Device (BYOD) of course isn’t a new concept but it is one that is still growing at a phenomenal rate, with Gartner Research predicting that by 2017, around 50 per cent of employers will require their employees to supply their own devices.


As a result, enterprise data is becoming exponentially harder to secure because so much of it now resides outside of the traditional security perimeter. Enterprise data is everywhere and users can increasingly access it from personal mobile or tablet devices, which are susceptible to being lost or stolen. This challenge is compounded by the fact that we are poor at protecting our own identity, and that’s precisely what hackers are counting on.


So how do organisations lock down this expanded work perimeter without losing productivity and without opening the door to more security breaches? Clearly, a new approach is needed to protect today’s cloud-based, mobile enterprise.


Organisations must begin by securing the person—an individual’s identity—as the first line of defence, rather than the corporate network.


This is because applications and data are becoming more controlled by a host of cloud service providers—and are therefore increasingly outside the control of corporate networks. However, the ability to authenticate users into those cloud-based and mobile environments remains the one central point of control. That is precisely why identity management is becoming the new perimeter.


From a security standpoint, it no longer makes sense to distinguish between what happens inside the four walls of an organisation and what happens outside. The old security perimeter has been blown to pieces. If organisations want to protect their data going forward, they need to think differently about how they manage security and user identities. Companies no longer need to care about where their users are physically. Instead, they need to ensure that users really are who they say they are.
In this new paradigm, user authentication is paramount—and the best way for organisations to keep their data and applications secure.


Traditionally, identity was about managing users’ accounts and passwords, plus granting them access to authorised applications. Today however, mobile device identity and cloud user identity technology can leverage user and device information and put it into context, determining who has access to what app from which device and location.


A mobile management service ensures the correct device posture and compliance are in place while the device is being used to access apps. It also provides a way for end users to easily track, locate and wipe their devices in the event of theft or compromise. This is critical, as a good identity management solution will always ensure one-click experiences on mobile apps without prompting the user for any passwords, thereby also reducing the associated risk if the user loses his device.


Additionally, an identity service can provide the required controls to IT teams to easily define granular role, device and location-based access to apps, making it easier to track both individuals and devices.


By adopting a centralised approach to identity management, organisations can at last productively begin to create a new perimeter that fully protects the business across the complete distributed IT environment of data centre, cloud and mobile.
 
