Managing Access in the Cloud and Your Pocket

Online Exclusive: Managing Access in the Cloud and Your Pocket

Enterprises see a growth in employee demand for mobile device use in the workplace (a trend known as “Bring Your Own Device” – or BYOD), both to enhance individual productivity and generate business value.

Online Exclusive: Managing Access in the Cloud and Your Pocket

It’s no secret that two hot topics greatly impacting enterprises today are mobile and cloud. With these trends comes a renewed focus on security, specifically with respect to user access management.

According to IMS Research, by 2020 there will be more than 22 billion web-connected devices that will generate more than 2.5 quintillion bytes of new data each and every day. This provides an immense opportunity for companies to reach customers in new and exciting ways. With this, enterprises also see a growth in employee demand for mobile device use in the workplace (a trend known as “Bring Your Own Device” – or BYOD), both to enhance individual productivity and generate business value.

Whether you’re managing a number of devices on a corporate network or pushing new mobile apps to enhance customer experiences, secure access to these resources is more than strongly suggested; it’s an absolute must.  Here are some tips on securing mobile access:

  • Be sure to authenticate both the device and user before granting access. Mobile devices are often shared and could hold more sensitive information than just new baby photos or a high Angry Birds score.
  • Effective session management is key to lessening the risk of man-in-the-middle attacks. Make sure time limits and auto-locks are put in place to control this issue.
  • Take into account the context of your user with details like time, network, location, device characteristics and role, so that appropriate counter measures can be taken if a threat arises. Calculating this risk can help select the appropriate action for authentication, identify corresponding authorization policies to deploy and provide the user with best security practices for future use. To protect against mobile rooted attacks, access management threat protection needs to actively be addressed and countered.

Recently, companies have seen an increase in the cost saving benefits of sourcing technology services – like software, platforms and infrastructure – from cloud-based providers.

Using cloud technologies to deliver new services or content helps organizations save both valuable time and money. As more and more businesses launch new cloud offerings or deploy cloud-based solutions, secure access must be factored into the equation.

First, develop a robust single sign-on solution that can securely group identities across networks to improve user experience. The use of third-party identity providers like Google, Facebook or LinkedIn to authenticate the user is a growing trend among organizations. 

Next, a cloud access management solution needs be intelligent enough to assess the risk of a specific access attempt based on previous attempts by the user. To manage costs and compliance, organizations can enforce a flexible management policy for authorizing access.

IBM is a prime example of a business that has recognized these trends and embraced them. We continue to address changing requirements with the IBM Security Access Manager (ISAM) solution for cloud and mobile. To help businesses assess risk and adapt accordingly, ISAM now enables context-aware access control.

With 91% of people keeping their mobile device within arm's reach 100% of the time, the need for securely controlling access through mobile devices is no longer “a nice to have” it’s “a need to have.”   

About the Author

Dr. Nataraj (Raj) Nagaratnam is an IBM Distinguished Engineer and Chief Technology Officer for Security Solutions in IBM Security Systems. In this role, Raj leads cross IBM technical strategy for security solutions including mobile security, and cloud security; drives integration and innovation projects.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3