August 11, 2014 By Ryan Dougherty 2 min read

Streamlining Identity and Access Management (IAM) for Mobile, Social and Cloud

Improvements in the digital community have exacerbated the challenges of data access, leaving companies struggling to protect company information — including employee and customer identities — stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network (and whether they are entitled to do so) from multiple points. This includes cloud-based and mobile devices.

The New Identity and Access Management Defense

In this era, identity and access management (IAM) has become the first line of defense against potential data breaches. But the costs and time involved in deploying, managing and maintaining an IAM “premises build” can be daunting for even the most technologically sophisticated organizations.

As security threats become more sophisticated and the pressures of risk and compliance continue to grow, so too does the demand for a new, proactive approach to identity management that weaves risk control into its very fabric.

Today, IBM announced it has acquired the business operations of Lighthouse Security Group, LLC, a premier cloud security services provider. Lighthouse Security Group’s Gateway platform protects identity and data in an increasingly complex IT environment where more company information is being stored in the cloud and accessed from mobile devices. Lighthouse Security Group is a subsidiary of long-time IBM Business Partner Lighthouse Computer Services, Inc.

This news follows IBM’s acquisition of CrossIdeas, a privately held provider of security software that governs user access to applications and data across on-premise and cloud environments. CrossIdeas combines business-driven governance and analytics capabilities to give customers greater control for securing enterprises. By integrating the businesses of Lighthouse Security Group and CrossIdeas with IBM’s identity and access management offering, IBM will offer a full suite of security software and services that protect and manage a user’s identity.

The challenges of data access have been exacerbated by the digital world where companies are struggling to protect company information, including employee and customer identity, as they are stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network, and whether they are entitled to do so, from multiple points including cloud and mobile devices. In this new era, identity and access management has become the first line of defense from potential data breaches.

With an expanded view of activities across different security domains throughout the enterprise, and by correlating identity and access management data with other important security events, organizations can quickly uncover inappropriate or suspicious user behavior, including insider threats, and significantly decrease threat response times.

A ‘Risky’ Strategy

As you move workloads to a cloud-based environment or provide your services via a cloud-computing model, you need to ensure that your cloud solution effectively supports your business security and privacy priorities to effectively mitigate risk and protect the confidentiality, integrity and availability of computing resources and data.

Companies today are embracing new business models that increasingly rely on cloud computing, mobile technology and social interactions for their success. And despite efforts to rein them in, insider threats continue to proliferate across the enterprise. The lack of an effective identity and access management strategy — and the expertise necessary to integrate the appropriate technologies into your environment — can result in risky implementations and expensive mistakes. That’s why many organizations look to experienced service providers for assistance.

More from

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today