Cybersecurity is a key concern for businesses today especially as employees are increasingly using connected devices. According to Gartner estimates, 8.4 billion connected things will be in use worldwide in 2017. As the technology landscape evolves, business leaders need to steer through the intersection of digital business and increasing IT risk.
In such a scenario, Identity and Access Management (IAM) is more important than ever to ensure that the right users are given access to key organizational data and resources, while ensuring efficiency and compliance.
In an email interview with Networks Asia, Lennie Tan, Regional Director, One Identity, Asia Pacific & Japan, talks about how IAM can help enterprises forward and make it more competitive in the marketplace, while simultaneously increasing security. Tan also talks about how MDM and BYOD are changing the face of IAM.
Excerpts of the interview follows:
Q1. IAM is not new. We’ve heard vendors like VMware talking of its importance for a number of years. Most enterprises already have some form of IAM in place; whether for setting up equipment for new hires, or for some form of MDM. How has IAM evolved over the years and what does it mean now for enterprises and enterprise security? Is it essential to have an evolved plan and solution now?
Technology has been evolving at an exponential pace, changing the way enterprises function. While Identity and Access Management (IAM) has been around for a while – and its core tenants of authentication, authorization, and administration have been around forever – it has continued to evolve too as enterprises undergo digital transformation.
In the past, IAM was executed by the IT department with a bulk of the time spent on providing access to new users and password management for the traditional legacy, on-premise applications. As security threats grow and companies embrace cloud and mobility solutions, IAM has necessarily expanded as well to embrace those new technologies while becoming a key tool for risk management, ensuring greater protection and compliance.
However, even as companies invest in robust security solutions, it is essential to ensure that these are not a barrier to business transformation. IAM solutions need to be centralized, automated and integrated to enhance efficiency and productivity and serve as an enabler of digital transformation. As the technology landscape continues to change, organizations will need to review their approach to IAM to remain competitive and secure in an increasingly connected and mobile world.
Q2. How can IAM help me move an enterprise forward and make it more competitive in the marketplace, while simultaneously increasing security?
Enterprises in Asia Pacific are embracing Digital Transformation. According to IDC, 60 percent of the APAC top 1000 enterprises will have digital transformation at the center of their corporate strategy by 2017. However, along with its huge upside and inherent value, digital transformation brings a unique set of risks and security challenges. In fact, the results of a recent global survey have revealed that security is often seen as a barrier to digital transformation.
While traditional IAM frameworks can be expensive to build and time-consuming to implement and maintain, a holistic and well-implemented IAM program can be a catalyst for digital transformation. One Identity IAM solutions are standards-based, business-centric, modular and integrated, and support a governance-first approach to IAM, allowing security to become a true enabler of business innovation.
As a result, organizations are not only secure but also more agile.
Q3. How is MDM and BYOD changing the face of IAM? How much can IAM help IT come to grips with shadow IT?
The regional workforce is increasingly mobile, driven by growing implementation of initiatives such as flexible working and BYOD to promote productivity. According to IDC, enterprise mobility in Asia Pacific continues to be one of the fastest growing 3rd Platform technologies as mobility initiatives shift from an under-resourced side project to become central in driving both business and operational strategy in the enterprise.
However, mobile devices create an added layer of complexity and risk for IAM. This is especially true for BYOD as regulation of personal mobile devices involves greater effort. IAM solutions must address how access can be secured when connecting to corporate resources from a personal device. This has resulted in greater demand for multifactor authentication and single sign-on (SSO) capabilities to enable the secure use of mobile devices for corporate resources.
Shadow IT is another area of concern for organizations as identities used to access the online solutions or applications may not be authorized, putting the company at risk. Gartner predicts that through 2017, 38% of technology purchases will be managed, defined and controlled by business leaders. In such a scenario, there is a need for strong IAM solutions that can empower line-of-business leaders with greater levels of agility and control while maintaining the level of visibility and security that best-practices demand. One Identity solutions, Cloud Access Manager and Identity Manager, can help enterprises bring shadow IT into the light by providing a centralized control point and the scope to embrace new applications, processes, access scenarios and transformative initiatives without sacrificing security or control.