Australian businesses face a growing array of sophisticated cyberthreats aimed at breaching networks, stealing data, and causing disruption. As a result, many are on the hunt for new ways to secure their IT infrastructures.
One approach attracting increasing attention is cloud identity and access management (Cloud IAM). Cloud IAM is a security framework used to verify users and control their rights to access digital resources.
As well as protecting both public and private cloud-based resources, the strategy can also afford protection to those located in on-premise infrastructures. It allows users to authenticate from any device at any time and gain access to the applications and data they require.
According to research conducted by the UK-based Digital Shadow Photon Research team, the average person currently uses almost 200 services that require them to enter passwords or other credentials. The group's research found that 15 billion stolen credentials allowing account takeovers were available on the dark web.
These credentials included username and password pairs for online banking, social media accounts, and music streaming services. Ensuring such compromised credentials cannot be used by cybercriminals to access corporate resources is an essential part of any strong cybersecurity strategy.
Undertaking a Cloud IAM strategy
Cloud IAM delivers two of the critical components of access management: authentication and access control. It allows a business to authenticate users no matter where they are and provide secure access to resources across cloud, SaaS, on-prem and APIs.
At the same time, it can increase network speeds and infrastructure agility and efficiency. A more flexible and scalable alternative replaces the limitations and costs associated with on-premises IAM with Cloud IAM in place.
When organisations opt to embrace this strategy, the two most common starting points are authentication and access security.
Authenticating individuals to ensure they are who they claim to be is not a new concept. For example, banks have long required proof of identity before customers can withdraw money, while bar staff require youthful-looking customers to verify their age. Authentication takes this process online, with multiple forms of proof required for increased security.
Meanwhile, access security is about ensuring the right people are granted access to the right resources and nothing more. Even verified users can pose a threat to an enterprise, so following the principle of least privilege ensures access is limited to just what is needed by a user to safeguard sensitive information. For example, you don't want customers to access employee-only resources or give all employees access to personnel files maintained by the HR department.
There is a range of key benefits that a Cloud IAM strategy can deliver. These include:
- Meeting cloud-first mandates:
Digital transformation strategies are a high priority for many organisations. Cloud IAM increases deployment speeds because implementation is hosted in the cloud rather than on-prem, which would require investments in equipment and personnel.
- Lower IT infrastructure costs:
With an increased proportion of people continuing to work from home, IT teams must manage more apps, resources, and devices. On-prem IAM may be insufficient for this, and costs can be greatly reduced using an Identity-as-a-Service (IDaaS) or managed cloud service provider for Cloud IAM.
- Improved flexibility and scalability:
IAM solutions deployed on a cloud platform are available 'as a service' from the vendor's private cloud or as software deployed in the organisation's own private or public cloud. Cloud IAM solutions are also flexible and easy to scale for new users.
- Enhanced security:
Cloud IAM also boosts security with capabilities like two-factor authentication (2FA) and multi-factor authentication (MFA) that reduce reliance on passwords. Both 2FA and MFA verify a user's identity using multiple authentication factors.
- An improved user experience:
Single sign-on streamlines the login process and gives users faster and easier access to the resources they need. Cloud IAM solutions are available for customers, employees, and partners. From customers looking for a frictionless login experience at eCommerce sites to employees trying to get their work done using multiple applications throughout the day, using one set of credentials saves time and frustration.
- Increased productivity:
Most employees need access to a range of applications every day to complete their tasks. When those employees are required to create new accounts for each and use multiple passwords, productivity declines. By minimising time spent on logins, Cloud IAM can help these staff gain access to the resources they need faster and with less friction.
It's clear that Cloud IAM has much to offer organisations of all sizes. By improving levels of security while also improving the usability of systems, it can help boost productivity across the board. Consider how Cloud IAM could aid your organisation in 2022.
Article by Ping Identity head of APAC and Japan, Ashley Diffey.