Securing your Cloud Identity
By Kevin Cunningham, President and Co-founder, SailPoint
As more and more enterprises move to the cloud, IT managers have their hands full when it comes to ensuring they do not become exposed to security breaches, data privacy exposures, and compliance issues.
In the last year, there hass been a significant increase in the number of CIO mandates to only adopt cloud applications. Research from IDC claims that by 2019 IT managers and enterprises will be spending more than £100 billion annually on cloud services. Of course, when approached in the right way, the cloud can deliver considerable benefits to organisations, but there are a number of challenges facing IT managers along the way:
"A comprehensive cloud-based identity governance must be able to connect to all enterprise systems, from the legacy applications that have been in use for years to the SaaS applications that are being adopted today"
1. Covering all the Bases
As organisations move to the cloud, they will likely continue to have a number of critical applications that remain on-premises, some for many years to come. So even if a “cloud-first” mandate exists, any cloud-based identity management solutions must provide comprehensive coverage to this hybrid IT environment.
2. Dissolution of the “Network Perimeter”
Employees today can use their personal devices to access corporate accounts in the cloud. This means that IT managers need visibility into and control over that. Often, the only link IT has between the end-user on a smartphone and an account for a SaaS application is the user’s identity.
So effectively managing that identity is the key to managing the perimeter-less enterprise.
3. Data, Data and Data
We’re seeing an explosion of unstructured data in the enterprise and out to the cloud in storage systems such as DropBox. More often than not this is data that was previously kept secure in a database or application, but in the name of convenience and collaboration it has now been distributed in a largely uncontrolled fashion. With potentially sensitive data making the move to cloud storage services, it is crucial for organisations to understand and manage where this data exists and who has access to it.
In order for IT managers to make the most of the cloud without exposing themselves to security and privacy concerns there needs to be a shift in organisations’ overall approach to IT security. Since understanding “identity,” is often the most critical element in linking all this together enterprisesneed to ensure that identity is at the centre of their IT and security approach.
To do this effectively, the historic barriers and separate silos of security and operations processes need to be broken down, to provide better visibility into who is doing what, what kind of risk that represents, and to be more proactive in dealing with threats in real-time – across the entire hybrid IT enterprise infrastructure. The ability to manage and control identities across the hybrid IT environment while securely migrating to a cloud enterprise requires sound identity governance. And fortunately for those cloud-savvy enterprises, there is a new generation of cloud-based identity governance solutions that meet the needs of managing this hybrid IT environment while extending the benefits of the cloud. However, as with all new markets, there will be technology claims that may exceed a vendor’s ability to deliver.
A comprehensive cloud-based identity governance must be able to connect to all enterprise systems, from the legacy applications that have been in use for years to the SaaS applications that are being adopted today. IT managers need visibility into all the information about an identity, across all the applications an enterprise uses, all the data they have, and across all users – no matter where they are located or what devices they may use. Cloud-based identity governance should also be able to govern everything. Organisations must have a grasp of who should have access, who does have access, and what users are doing with their access to all applications and data for all your users. This requires the ability to define a desired state and continually assess where access is not aligned with the model. Finally, IT managers must empower their users to work how they like to work, wherever they are and on whatever device they want to use. This enables organisations to safely increase collaboration both inside and outside of the network.
By treating identity as a company-wide initiative, organisations can ensure visibility, control and governance to all data and applications. Only by taking an ‘identity-first’ governance approach can IT managers help their organisations become ‘cloud-first’ over time, maintaining a safe IT environment while keeping identity governance at the foundation of it all.
SailPoint provides identity governance solutions with on-premises and cloud-based identity and access management software for complex challenges.