Managing Access in the Cloud and Your Pocket

Online Exclusive: Managing Access in the Cloud and Your Pocket

Enterprises see a growth in employee demand for mobile device use in the workplace (a trend known as “Bring Your Own Device” – or BYOD), both to enhance individual productivity and generate business value.

Online Exclusive: Managing Access in the Cloud and Your Pocket

It’s no secret that two hot topics greatly impacting enterprises today are mobile and cloud. With these trends comes a renewed focus on security, specifically with respect to user access management.

According to IMS Research, by 2020 there will be more than 22 billion web-connected devices that will generate more than 2.5 quintillion bytes of new data each and every day. This provides an immense opportunity for companies to reach customers in new and exciting ways. With this, enterprises also see a growth in employee demand for mobile device use in the workplace (a trend known as “Bring Your Own Device” – or BYOD), both to enhance individual productivity and generate business value.

Whether you’re managing a number of devices on a corporate network or pushing new mobile apps to enhance customer experiences, secure access to these resources is more than strongly suggested; it’s an absolute must.  Here are some tips on securing mobile access:

  • Be sure to authenticate both the device and user before granting access. Mobile devices are often shared and could hold more sensitive information than just new baby photos or a high Angry Birds score.
  • Effective session management is key to lessening the risk of man-in-the-middle attacks. Make sure time limits and auto-locks are put in place to control this issue.
  • Take into account the context of your user with details like time, network, location, device characteristics and role, so that appropriate counter measures can be taken if a threat arises. Calculating this risk can help select the appropriate action for authentication, identify corresponding authorization policies to deploy and provide the user with best security practices for future use. To protect against mobile rooted attacks, access management threat protection needs to actively be addressed and countered.

Recently, companies have seen an increase in the cost saving benefits of sourcing technology services – like software, platforms and infrastructure – from cloud-based providers.

Using cloud technologies to deliver new services or content helps organizations save both valuable time and money. As more and more businesses launch new cloud offerings or deploy cloud-based solutions, secure access must be factored into the equation.

First, develop a robust single sign-on solution that can securely group identities across networks to improve user experience. The use of third-party identity providers like Google, Facebook or LinkedIn to authenticate the user is a growing trend among organizations. 

Next, a cloud access management solution needs be intelligent enough to assess the risk of a specific access attempt based on previous attempts by the user. To manage costs and compliance, organizations can enforce a flexible management policy for authorizing access.

IBM is a prime example of a business that has recognized these trends and embraced them. We continue to address changing requirements with the IBM Security Access Manager (ISAM) solution for cloud and mobile. To help businesses assess risk and adapt accordingly, ISAM now enables context-aware access control.

With 91% of people keeping their mobile device within arm's reach 100% of the time, the need for securely controlling access through mobile devices is no longer “a nice to have” it’s “a need to have.”   

About the Author

Dr. Nataraj (Raj) Nagaratnam is an IBM Distinguished Engineer and Chief Technology Officer for Security Solutions in IBM Security Systems. In this role, Raj leads cross IBM technical strategy for security solutions including mobile security, and cloud security; drives integration and innovation projects.

Featured

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.