Streamlining Identity and Access Management (IAM) for Mobile, Social and Cloud
Improvements in the digital community have exacerbated the challenges of data access, leaving companies struggling to protect company information — including employee and customer identities — stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network (and whether they are entitled to do so) from multiple points. This includes cloud-based and mobile devices.
The New Identity and Access Management Defense
In this era, identity and access management (IAM) has become the first line of defense against potential data breaches. But the costs and time involved in deploying, managing and maintaining an IAM “premises build” can be daunting for even the most technologically sophisticated organizations.
As security threats become more sophisticated and the pressures of risk and compliance continue to grow, so too does the demand for a new, proactive approach to identity management that weaves risk control into its very fabric.
Today, IBM announced it has acquired the business operations of Lighthouse Security Group, LLC, a premier cloud security services provider. Lighthouse Security Group’s Gateway platform protects identity and data in an increasingly complex IT environment where more company information is being stored in the cloud and accessed from mobile devices. Lighthouse Security Group is a subsidiary of long-time IBM Business Partner Lighthouse Computer Services, Inc.
This news follows IBM’s acquisition of CrossIdeas, a privately held provider of security software that governs user access to applications and data across on-premise and cloud environments. CrossIdeas combines business-driven governance and analytics capabilities to give customers greater control for securing enterprises. By integrating the businesses of Lighthouse Security Group and CrossIdeas with IBM’s identity and access management offering, IBM will offer a full suite of security software and services that protect and manage a user’s identity.
The challenges of data access have been exacerbated by the digital world where companies are struggling to protect company information, including employee and customer identity, as they are stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network, and whether they are entitled to do so, from multiple points including cloud and mobile devices. In this new era, identity and access management has become the first line of defense from potential data breaches.
With an expanded view of activities across different security domains throughout the enterprise, and by correlating identity and access management data with other important security events, organizations can quickly uncover inappropriate or suspicious user behavior, including insider threats, and significantly decrease threat response times.
A ‘Risky’ Strategy
As you move workloads to a cloud-based environment or provide your services via a cloud-computing model, you need to ensure that your cloud solution effectively supports your business security and privacy priorities to effectively mitigate risk and protect the confidentiality, integrity and availability of computing resources and data.
Companies today are embracing new business models that increasingly rely on cloud computing, mobile technology and social interactions for their success. And despite efforts to rein them in, insider threats continue to proliferate across the enterprise. The lack of an effective identity and access management strategy — and the expertise necessary to integrate the appropriate technologies into your environment — can result in risky implementations and expensive mistakes. That’s why many organizations look to experienced service providers for assistance.
Security Strategist – Identity and Access Management
Ryan is the Global Security Strategist and Program Manager for Identity and Access Management at IBM Security Services. He is responsible for developing inno...