Streamlining Identity and Access Management (IAM) for Mobile, Social and Cloud

Improvements in the digital community have exacerbated the challenges of data access, leaving companies struggling to protect company information — including employee and customer identities — stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network (and whether they are entitled to do so) from multiple points. This includes cloud-based and mobile devices.

The New Identity and Access Management Defense

In this era, identity and access management (IAM) has become the first line of defense against potential data breaches. But the costs and time involved in deploying, managing and maintaining an IAM “premises build” can be daunting for even the most technologically sophisticated organizations.

As security threats become more sophisticated and the pressures of risk and compliance continue to grow, so too does the demand for a new, proactive approach to identity management that weaves risk control into its very fabric.

Today, IBM announced it has acquired the business operations of Lighthouse Security Group, LLC, a premier cloud security services provider. Lighthouse Security Group’s Gateway platform protects identity and data in an increasingly complex IT environment where more company information is being stored in the cloud and accessed from mobile devices. Lighthouse Security Group is a subsidiary of long-time IBM Business Partner Lighthouse Computer Services, Inc.

This news follows IBM’s acquisition of CrossIdeas, a privately held provider of security software that governs user access to applications and data across on-premise and cloud environments. CrossIdeas combines business-driven governance and analytics capabilities to give customers greater control for securing enterprises. By integrating the businesses of Lighthouse Security Group and CrossIdeas with IBM’s identity and access management offering, IBM will offer a full suite of security software and services that protect and manage a user’s identity.

The challenges of data access have been exacerbated by the digital world where companies are struggling to protect company information, including employee and customer identity, as they are stored beyond the traditional enterprise. Rather than managing a single point of entry to this information, businesses must now be able to verify who is accessing their systems, data and network, and whether they are entitled to do so, from multiple points including cloud and mobile devices. In this new era, identity and access management has become the first line of defense from potential data breaches.

With an expanded view of activities across different security domains throughout the enterprise, and by correlating identity and access management data with other important security events, organizations can quickly uncover inappropriate or suspicious user behavior, including insider threats, and significantly decrease threat response times.

A ‘Risky’ Strategy

As you move workloads to a cloud-based environment or provide your services via a cloud-computing model, you need to ensure that your cloud solution effectively supports your business security and privacy priorities to effectively mitigate risk and protect the confidentiality, integrity and availability of computing resources and data.

Companies today are embracing new business models that increasingly rely on cloud computing, mobile technology and social interactions for their success. And despite efforts to rein them in, insider threats continue to proliferate across the enterprise. The lack of an effective identity and access management strategy — and the expertise necessary to integrate the appropriate technologies into your environment — can result in risky implementations and expensive mistakes. That’s why many organizations look to experienced service providers for assistance.

More from

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule within the…

LastPass Breaches Cast Doubt on Password Manager Safety

In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a wider conversation about the risks linked to utilizing password managers.A password manager helps users generate strong passwords and safeguards them within a digital locker. A master password secures all data, which enables users to conveniently access all their passwords for…

The Role of Finance Departments in Cybersecurity

Consumers are becoming more aware of the data companies collect about them, and place high importance on data security and privacy. Though consumers aren’t aware of every data breach, they are justifiably concerned about what happens to the data companies collect. A recent study of consumer views on data privacy and security revealed consumers are more careful about sharing data. The majority of respondents (87%) say they wouldn’t do business with companies that appear to have weak security. Study participants also…

The One Place IT Budget Cuts Can’t Touch: Cybersecurity

If IT spending is slowing, will business leaders follow a similar approach for cybersecurity budgets? Probably not. Gartner predicts that end-user spending on both security technology and services will see an annual growth rate of 11% over the next four years. And the market is anticipated to reach $267.3 billion in 2026. Many security professionals agree that security spending cuts aren’t likely. Given the current threat landscape, strong security has quickly become a business imperative. Security has become the highest…