sb-eu logo
Story image

Users, applications, and data: The new frontiers in identity

16 Jul 2018

Data breaches and compliance aren’t the only challenges facing security professionals today. The pressure to embrace digital transformation by enterprises is also mounting – both user and application populations are growing, data is exploding, and organisations are fighting to deliver customer value and competitive edge at every turn.

With the very nature of business changing, identity must evolve to meet the needs of the modern enterprise – across all users, all applications and all data.

New frontiers in identity

There are three core areas within the enterprise where growing scale and complexity is making identity management more central than ever, these include:

The user frontier – who, or maybe better yet what organisations consider an identity is changing. While enterprises have long focused on managing access rights and privileges for employees, contractors and partners, there’s a new enterprise user coming to the cloud and data centre: intelligent bots, or Robotic Process Automation. These bots are accessing data, making decisions on that data, and then performing actions. When we give such access to people, we scrutinise their access, which is now what organisations need to do with regard to bots.

The application frontier – most enterprises have experience in governing access to several hundred applications. However, with the explosion of cloud services, the number of applications that need to be governed is on the rise. It’s not unusual for larger organisations to deal with thousands of applications. As the number of applications grows, identity governance must adapt to cope with increased scale, and applications, both on and off-premises.

The data frontier – while the increasing number of applications creates identity management challenges, so does the rising amount of data stored in unstructured files (PDF or PowerPoint files, for example).

There’s a huge amount of sensitive data being created and stored in the enterprise and outside the application. For example, end users create a significant amount of risk by copying and storing company data in unstructured files in collaboration platforms such as SharePoint or cloud storage services like Box or DropBox.

With the growing pressures associated with new types of users, increased applications, and vast volumes of unstructured data, enterprises must take a different approach to managing identity. Fortunately, to meet these challenges, there are also new technologies coming to market that can help enterprises to manage identity more effectively and reduce risk and improve efficiency. 

AI + identity

Technologies such as AI are increasingly being deployed for new use cases – including for identity management – enabling enterprises to make fast but intelligent identity and access decisions.

For example, with AI enterprises can better distinguish how access is being used and quickly differentiate normal usage from suspicious usage. When organisations can understand what “normal” access looks like on a particular system, they can swiftly identify suspicious activity and terminate that access or, following an assessment by the appropriate team, determine that access is valid and then permit it.

Such technological advances show that, despite growing risks and complexity in managing enterprise technology and data, it’s not all doom and gloom. There are many ways AI and identity will help spark innovation.

AI will help organizations to govern smarter, define risk more precisely, while enabling enterprises to move forward much more nimbly and with less risk. Ultimately, AI provides a lens with which to focus on identity governance processes and controls so enterprises can manage the risk, not the noise.

And while AI isn’t a panacea for the new frontiers of identity – it will have a significant impact on how the overall identity management industry moves forward to keep pace with the rapid digitalisation of the enterprise world.

Navigating the path forward

Technology and innovation are changing the way we work, the nature of business users is evolving, and the volume of applications and data are furiously increasing. There is immense pressure to digitise the enterprise, which has enterprises pushing the boundaries to compete and to continually deliver value.

The only way to push those boundaries securely is to employ a comprehensive identity management strategy that secures these ‘new frontiers’ in identity: governing the digital identities of all users across all applications and all data.

Article by SailPoint CEO and founder Mark McClain.

Story image
Zero trust is the way to secure the distributed workforce - Empired
Existing security solutions need to evolve to accommodate the new remote workforce.More
Story image
Research: 61% of companies have suffered an insider attack in last 12 months
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More