Twenty years ago the IT department knew and cared about one thing: your device – a desktop computer.
Oh, yes, the users would come and go as job responsibilities changed, people were hired and fired, someone moved offices. But the computer stayed where it was, a simple and anchored device.
Fast forward to today. With the number of devices used on and off the job, that model has been turned on its head. It is easier to keep track of a user, rather than the numerous devices he/she uses.
I have five – how about you? Over any 24-hour period I might use one or all, depending on what I’m doing, where I’m doing it, ease of connection, or who I might be working or talking with. (Count along with me: Surface, IPad Touch, IPad, my smart phone and Windows desktop. I know, I know, some duplication but some things just get piled up.)
So this begs the question: what do I do for identity and access management? More importantly, what does my company do to deal with this revolution so critical company data is protected? How can anyone possibly set up a perimeter of protection when they can’t be sure where users will be, what devices or networks they will be using, or what applications will be importing the data? How do you keep your most important systems safe from theft and tampering?
The stakes are high. In the on-premises era, a company could muddle through knowing that perimeter defenses like firewalls and VPN would cover the gaps in security. But with the growth of virtualization, hybrid cloud connections and mobile technology, the sense – and reality – of security is gone. As data flows back and forth between company systems and public cloud resources, online attackers have been able to poke holes in the defenses and cause breaches.
As always, the weakest link is the user and his/her digital identity. Research shows more than 60 percent of data breaches stem from the theft of digital identities. And as people log into company data from a smartphone or tablet from anywhere in the world, the worries rise. So here are two guiding questions:
- “How do we ensure that the users of new technology get access when they need it AND be restricted from access when the organization requires it?”
- “How can we empower users to work as they like, where they like and from what device they like – not limited by location, device or application?”
We here at Applied Tech have insights, experience and ideas on ways to solve these sticky problems. We understand that not all companies and accounts are created equal. Talk with us about how we can you can step up your levels of security based on the risks posed by your business, the users and types of data that can be accessed. This can’t wait.