Implementing an Identity Centric Approach
With the latest Verizon Data Breach Incident Report finding that 81 percent of hacking related breaches leveraged either stolen and/or weak passwords, our clients are consistently asking us, are we really immune to a breach?
Despite significant spending on single-point, defense-focused cyber security technologies, companies are still at significant risk. The change in how we do business – more connected, more open, more consumer-based – is making us more vulnerable, and the credential is under attack. But what if your existing technologies, that inevitably contain information about a user and their transactions, could be integrated to provide a more intelligent approach to authenticating, authorizing and managing users?
Organizations need to focus on maturing their identity and access management (IAM) program to cover the main pillars – identity data management, access management, identity management, access governance, privileged access management, and data security and analytics. However, based on business drivers and security policies, implementing an identity centric approach to security is imperative.
Now is the time to evaluate goals and inventory your existing cyber security technologies. Armed with that information, you can establish an implementation roadmap that integrates your existing cyber security technologies with your IAM infrastructure. From there, you can create an architecture that can improve your security posture and reduce the risk of a breach due to compromised credentials.
The Identity Defined Security Alliance (IDSA), founded by Ping Identity in conjunction with Optiv, is a community of technology vendors, solution providers and customers leading the charge in advocating for this new approach to security. The premise focuses on putting identity at the center, using the intelligence of your infrastructure to protect the most vulnerable aspect of your organization. In addition to thought leadership and advocacy, members of the IDSA are collaborating on uses cases, the first of which were published today on the IDSA website.
Most individuals in the security industry agree that the issue is not a matter of if you will be breached but when. Based on 2016 data, that breach most likely will tie back to a credential that has been compromised in some way.
If you’re at the Cloud Identity Summit in Chicago this week, you can see the IDSA’s approach showcased through a series of technology demos at a lunch-and-learn on Tuesday, June 16 at noon, or at the Optiv booth (218).
Gloss