View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 17, 2014

Identity Is the New Perimeter

Tom Kemp, CEO, Centrify, argues that Identity-as-a-Service could be the answer to protecting today's cloud-based, mobile enterprise.

By Cbr Rolling Blog

Another day, another massive security breach. This year has seen a number of high profile breaches including the security hole in Apple’s iCloud that granted unauthorised access to lost and stolen iOS devices. eBay suffered a crippling cyber-attack that compromised its main database, forcing all users to change their passwords, and AOL confirmed a significant security incident involving unauthorised access to the company’s network and systems.

When even the most powerful Internet companies are vulnerable, it’s time to ask if traditional security measures, such as antivirus software, passwords, VPNs and firewalls are still capable of doing the job?

Unfortunately, the answer seems to be a resounding ‘no’. This is not surprising given the increasingly nebulous nature of the corporate data centre.

The data centre has expanded to include cloud and mobile environments, and become an almost virtual concept, with many employees accessing work-related services and data on their own devices. As a result, enterprise data has become exponentially harder to secure as more and more is now happening outside the traditional security perimeter.

So here’s the question: how do we lock down this expanding work perimeter without losing productivity, and without opening the door to more security breaches? Clearly, a new approach is needed to protect today’s cloud-based, mobile enterprise.

The fragmentation of the traditional perimeter has paved the way for Identity as a Service, and ultimately created Identity as the new perimeter. Organisations must begin by securing the person, an individual’s identity, as the first line of defence, rather than the corporate network.

Why? Because applications and data are increasingly controlled by a host of cloud providers, and are increasingly outside the control of corporate networks. The ability to authenticate users into those cloud-based and mobile environments remains the one central point of control. That is precisely why identity management is becoming the new perimeter.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

This is where Identity as a Service plays its part. Today, organisations of all sizes are adopting mobile devices and cloud-based applications (Software-as-a-Service or SaaS) in order to reduce costs, shorten time to market, and further business agility and productivity across their distributed workforce.

As such, organisations are faced with a hybrid of on-premise data centre, cloud and mobile resources, some of which is owned by central IT, some of it third party, and some owned by users. Incorporating Single Sign-On (SSO) will enhance IT security and control, enabling businesses to manage user identity, and simplify the end user experience. Users will then only have to remember one username and password to access all of their applications whether in the cloud, on-premises, or via mobile devices.

From a security standpoint, it no longer makes sense to distinguish between what happens inside the four walls of an organisation and what happens outside. The old security perimeter has been blown to pieces. If organisations want to protect their data going forward, they first need to manage and secure the identities of their users.

Identity as a Service enables businesses to secure their resources and intellectual property whilst simultaneously giving end-users access to the tools they require, without hindering their productivity.

Investing in SSO enables users to logon to multiple applications within an enterprise using just one password, and provide the capacity to enforce authentication policies across an organisation. It will authenticate the user for all the applications they have been given rights to. IT can also control user access to applications, mitigating the risks associated with unauthorised user access.

With the traditional perimeter in tatters, organisations need to think differently about how they manage security and user identities. They no longer need to care about where their users are physically. Instead, they need to ensure that users really are who they say they are. In this new paradigm, user authentication is paramount — and the best way for organisations to keep their data and applications secure.

By adopting a centralised approach to identity management, organisations can finally begin to create a new perimeter that fully protects the business across the complete distributed IT environment of data centre, cloud and mobile.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.