IBM InterConnect 2015 is right around the corner. This is always an opportunity for organizations from around the world to share, collaborate and recommend strategies to secure the new era of computing. This year, chief information security officers and identity and access management (IAM) leaders are turning their attention to the digital identity as a security weak link and, specifically, the human interactions across the enterprise and in the cloud. Many organizations are embarking on bring-your-own-digital-identity strategies, while others are relying on silos of enterprise identities and context awareness to secure authorized access to enterprise applications and data on a need-to-know basis. Organizations need to evolve their IAM infrastructure to secure authorized access to their crown jewels that reside in the distributed and mainframe environments while still being able to take advantage of the new era of cloud and mobile computing.

At this year’s conference, IBM will share the evolving threat landscape and the following three key considerations to strengthen IAM programs in 2015:

1. Digital Identity Needs to Become a Security Control

By compromising an authorized user’s digital identity and intruding upon his or her access with common vulnerabilities and attacks, attackers gain the quickest path to the enterprise’s crown jewels: data. Today’s Web access management systems authenticate and authorize user access while letting the Web content flow through without security checks. In order to defend the enterprise against targeted attacks and session takeovers, Web access management systems need to evolve to become aware of security threats and vulnerabilities. They cannot turn a blind eye.

2. Identity Context Is Essential for Fraud and Insider Threat Prevention

The rapid cloud, mobile and social transformations continue to erode the traditional security perimeter as we know it. This results in multiple perimeters around the enterprise resources, business partner interactions and cloud-based services. For example, mobile employees’ extranet access resembles that of an end consumer’s access. Outsourced IT employees administer business-critical assets with privileged access from remote locations. Traditional, static access definitions need to evolve to use identity context such as user, device and transactional attributes to help ensure legitimate users have access and fraudulent user activities are prevented.

3. Identity Governance and Analytics Are Required Elements for Enterprise Risk and Compliance Management

Organizations today have siloed and customized IT-driven identity management to govern the access of their employees, contractors and partners and help support their regulatory compliance posture. This offers opportunities for the enterprise users to be productive while introducing ways for the business to be compromised in the new era of computing. Audit and risk teams alike continue to demand answers to seemingly simple questions. Who is doing what, where and from how many points of access? Business-driven identity management with a focus on identity governance and real-time identity and access analytics can help answer these questions and enable better decision-making and detection of anomalous behavior to audit, providing enterprise-wide security risk management.

Figure 1: IBM Threat-Aware Identity and Access Management
