BYOD Passwords Hacking Cloud Compliance Reviews Privacy

Current Filter: Security>>>>>Opinion>

PREVIOUS

Filtered Articles:1 of 44   Current Article ID:6496

NEXT



Gateway to safety

Editorial Type: Opinion     Date: 03-2016    Views: 1982      







Rarely does a single cloud have the silver lining of offering all the applications that enterprise I.T. needs to deliver... enter Identity and Access Management

The potential benefits offered by the switch to cloud-based applications and services are undoubtedly compelling for many organisations. However, as Kevin Sapp, VP of Strategy for Pulse Secure, points out, it is rare that a single cloud will offer all the applications that enterprise IT needs to deliver.

"The reality is that IT will become a hybrid endeavour that joins multiple cloud-based services with on-premise applications to serve an increasingly mobile workforce," he says. "This leads to a logical conclusion that Identity and Access Management (IAM) needs to become the gateway for the secure provision of this diverse environment and, with control of this gateway, allowing organisations to successfully manage enforcement of corporate policies around user access, application security and content flow."

The key criteria for the deployment of IAM must embrace flexibility, he stresses, "to work with the broadest set of operating systems and access technologies, which should include VDI and HTML based applications that are accessed by SSL VPN, with the ability to implement and enforce Network Access Control on a granular per device and contextual basis".

Moreover, Sapp argues, as organisations switch to cloud-based equivalents for core services, such as email, collaboration and document retention, IAM must be technically able to deal with a growing stack of technologies and services that include core vendors such as SAP, Salesforce, Google, Microsoft and Oracle, with the ability to adapt as these players evolve and are joined by new innovators.

RIPPLE EFFECT
For Will Culbert, director of solutions engineering at Bomgar, it's vital that a business be "cognisant of the undertaking and its ripple effect throughout the organisation, as IAM governance touches every system, every person, both internal and third parties. Hence defining timelines and the scope of the Identity and Access Management project is a critical first step, as there is no such thing as one size fits all in this space."

As with all programmes of work, there are some smaller projects that can be quickly addressed, delivering high value returns to the business. "One of the these within an IAM programme is implementing a Privileged Access Management solution to enable organisations to quickly set up a perimeter to control, manage and monitor all access to their IT systems, whether by internal employees or external vendors," he adds.

"By quickly controlling the access to systems as the first step in an IAM project, organisations immediately improve their security and have full visibility and control as to who is accessing parts of their systems, when, how and for what length of time," Culbert concludes. "If privileged access isn't addressed at the forefront of these projects, IAM programmes can take months, if not years, to fully implement without the organisation realising real improvements in their security posture."

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top


PREVIOUS

                    


NEXT