August 11, 2014 By Ryan Dougherty 2 min read

Streamlining Identity and Access Management (IAM) for Mobile, Social and Cloud

Improvements in the digital community have exacerbated the challenges of data access, leaving companies struggling to protect company information — including employee and customer identities — stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network (and whether they are entitled to do so) from multiple points. This includes cloud-based and mobile devices.

The New Identity and Access Management Defense

In this era, identity and access management (IAM) has become the first line of defense against potential data breaches. But the costs and time involved in deploying, managing and maintaining an IAM “premises build” can be daunting for even the most technologically sophisticated organizations.

As security threats become more sophisticated and the pressures of risk and compliance continue to grow, so too does the demand for a new, proactive approach to identity management that weaves risk control into its very fabric.

Today, IBM announced it has acquired the business operations of Lighthouse Security Group, LLC, a premier cloud security services provider. Lighthouse Security Group’s Gateway platform protects identity and data in an increasingly complex IT environment where more company information is being stored in the cloud and accessed from mobile devices. Lighthouse Security Group is a subsidiary of long-time IBM Business Partner Lighthouse Computer Services, Inc.

This news follows IBM’s acquisition of CrossIdeas, a privately held provider of security software that governs user access to applications and data across on-premise and cloud environments. CrossIdeas combines business-driven governance and analytics capabilities to give customers greater control for securing enterprises. By integrating the businesses of Lighthouse Security Group and CrossIdeas with IBM’s identity and access management offering, IBM will offer a full suite of security software and services that protect and manage a user’s identity.

The challenges of data access have been exacerbated by the digital world where companies are struggling to protect company information, including employee and customer identity, as they are stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network, and whether they are entitled to do so, from multiple points including cloud and mobile devices. In this new era, identity and access management has become the first line of defense from potential data breaches.

With an expanded view of activities across different security domains throughout the enterprise, and by correlating identity and access management data with other important security events, organizations can quickly uncover inappropriate or suspicious user behavior, including insider threats, and significantly decrease threat response times.

A ‘Risky’ Strategy

As you move workloads to a cloud-based environment or provide your services via a cloud-computing model, you need to ensure that your cloud solution effectively supports your business security and privacy priorities to effectively mitigate risk and protect the confidentiality, integrity and availability of computing resources and data.

Companies today are embracing new business models that increasingly rely on cloud computing, mobile technology and social interactions for their success. And despite efforts to rein them in, insider threats continue to proliferate across the enterprise. The lack of an effective identity and access management strategy — and the expertise necessary to integrate the appropriate technologies into your environment — can result in risky implementations and expensive mistakes. That’s why many organizations look to experienced service providers for assistance.

More from

Another category? Why we need ITDR

5 min read - Technologists are understandably suffering from category fatigue. This fatigue can be more pronounced within security than in any other sub-sector of IT. Do the use cases and risks of today warrant identity threat detection and response (ITDR)? To address this question, we work backwards from the vulnerabilities, threats, misconfigurations and attacks that IDTR specializes in providing visibility into. As identity threat detection and response (ITDR) technology evolves, one of the most common queries we get is: “Why do we need…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

How I got started: Incident responder

3 min read - As a cybersecurity incident responder, life can go from chill to chaos in seconds. What is it about being an incident responder that makes people want to step up for this crucial cybersecurity role?With our How I Got Started series, we learn from experts in their field and find out how they got started and what advice they have for anyone looking to get into the field.In this Q&A, we spoke with IBM’s own Dave Bales, co-lead X-Force Incident Command…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today