Simply Security - News, Views, and Opinions from Trend Micro

Identity management key to securing modern network

Posted on September 21st, 2012 in Consumerization by Simply Security

Unifying identity and access management could help secure increasingly distributed networks.

By just about any measure, the modern enterprise network is becoming larger, more distributed and more complex. With users, devices and applications being continuously introduced at great scale, IT teams are starting to wonder if their security perimeters have become altogether obsolete.

As they consider how to regain consistent control over corporate assets, many have shifted the emphasis from network monitoring to data protection in the interim. However, CA Technologies senior director of security strategy John Hawley has suggested that evolving identity management practices will be the true solution for keeping the IT ecosystem in check.

Diverse challenges
Network security is a swiftly moving target, and just as IT teams think they have everything accounted for, a new development can come out of left field to send them back to the drawing board. This is just what has happened in the era of cloud computing, smart devices and consumerized IT, Hawley explained in a recent guest column for PCWorld. The standard security perimeter based on firewalls and virtual private networks (VPNs) no longer seems so safe as the enterprise data center becomes increasingly fragmented.

The rapid rise of remote workers has been the first test provided to network managers, according to Hawley, while deeply integrated business models have welcomed new partners, suppliers and even customers into the IT ecosystem. And of course, the footprint left by each individual user has become much larger now that they are often incorporating three or more devices into their daily workflow.

From an application perspective, a greater proportion of programs are being hosted well beyond the firewall in a cloud-based environment. This trend shows no signs of letting up, either, as IDC analysts recently predicted that Software-as-a-Service will account for almost 60 percent of the potential $100 billion being spent on public cloud utilities in 2016.

What's more, these applications can be easily acquired and implemented by line-of-business employees, making shadow IT a far more impactful segment of the employee population.

"The bottom line is that as the data center fragments, IT will often not have control over the network security perimeter, the device or the application security stack," Hawley wrote. "The security challenge is more about connecting the right people to the right business service, which cannot be done if every business service manages its own authentication and identity management."

A united front
Recognizing the problem and developing a viable solution are two decidedly different tasks. As Hawley noted, the majority of identity and access management (IAM) strategies still include a separate user list and credential set for each application. And while new tokenization methods show potential, most standards are still in the formative stages.

The good news is that awareness of the need to evolve and refine IAM technologies and protocols is growing. According to the latest global survey of IT executives conducted by Aveksa, 45 percent of respondents cited centralized and integrated decision support as the most important requirement of a successful IAM initiative. But as it stands, more than a third believe their tools are being deployed without sufficient business context.

"The results of our recent survey clearly indicate that large enterprises are looking for a new approach to IAM, one that is driven by the business and governed by IT," Aveksa CEO Viren Vaishnavi explained. "To make this a reality, these enterprises need sophisticated automation solutions with comprehensive functionality."

In Hawley's view, the next generation of solutions will be able to automatically adjust authentication modes based on contextual elements ranging from device type and time of day to recent histories and transaction values. These home-cooked or cloud-based IAM services should help IT establish a single sign-on process even as users continuously add new SaaS applications.
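
To make the idea of context-driven authentication concrete, here is an added sketch (not code from Hawley, CA Technologies or the article) of a central policy that picks an authentication mode from the four signals named above. The weights, thresholds, field names and the mode labels `sso`, `sso+otp` and `deny` are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Assumed policy values for illustration; tune to your own environment.
WORK_HOURS = range(7, 20)                 # 07:00-19:59 local time
KNOWN_DEVICE_WINDOW = timedelta(days=30)  # device is "recent" within this window
HIGH_VALUE = 10_000.0                     # transaction value that forces step-up

@dataclass
class RequestContext:
    managed_device: bool                     # device type
    when: datetime                           # time of day
    last_seen_on_device: Optional[datetime]  # recent history: last good login
    recent_failures: int                     # recent history: failed attempts
    transaction_value: float                 # value of the requested action

def risk_score(ctx: RequestContext) -> int:
    """Add up one contribution per contextual signal."""
    score = 0 if ctx.managed_device else 2
    if ctx.when.hour not in WORK_HOURS:
        score += 1
    seen = ctx.last_seen_on_device
    if seen is None or ctx.when - seen > KNOWN_DEVICE_WINDOW:
        score += 2
    score += min(ctx.recent_failures, 3)     # cap so failures alone cannot deny
    if ctx.transaction_value >= HIGH_VALUE:
        score += 3
    return score

def required_auth(ctx: RequestContext) -> str:
    """Map the score to an authentication mode."""
    score = risk_score(ctx)
    if score >= 7:
        return "deny"
    return "sso+otp" if score >= 3 else "sso"

# Constructed sample requests (not real data).
NOW = datetime(2012, 9, 21, 10, 0)
DAY = timedelta(days=1)
SAMPLES = {
    "routine":       RequestContext(True, NOW, NOW - DAY, 0, 0.0),
    "late_byod":     RequestContext(False, NOW.replace(hour=23), NOW - 2 * DAY, 0, 500.0),
    "high_value":    RequestContext(True, NOW, NOW - DAY, 0, 25_000.0),
    "unknown_burst": RequestContext(False, NOW.replace(hour=3), None, 5, 50_000.0),
}

if __name__ == "__main__":
    for name, ctx in SAMPLES.items():
        print(f"{name:14} score={risk_score(ctx):2} -> {required_auth(ctx)}")
```

Because the decision lives in one place rather than in each application, a newly added SaaS service inherits the same step-up rules without keeping its own user list or credential set.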
