Managing Access in the Cloud and Your Pocket

Online Exclusive: Managing Access in the Cloud and Your Pocket

Enterprises see a growth in employee demand for mobile device use in the workplace (a trend known as “Bring Your Own Device” – or BYOD), both to enhance individual productivity and generate business value.

Online Exclusive: Managing Access in the Cloud and Your Pocket

It’s no secret that two hot topics greatly impacting enterprises today are mobile and cloud. With these trends comes a renewed focus on security, specifically with respect to user access management.

According to IMS Research, by 2020 there will be more than 22 billion web-connected devices that will generate more than 2.5 quintillion bytes of new data each and every day. This provides an immense opportunity for companies to reach customers in new and exciting ways. With this, enterprises also see a growth in employee demand for mobile device use in the workplace (a trend known as “Bring Your Own Device” – or BYOD), both to enhance individual productivity and generate business value.

Whether you’re managing a number of devices on a corporate network or pushing new mobile apps to enhance customer experiences, secure access to these resources is more than strongly suggested; it’s an absolute must.  Here are some tips on securing mobile access:

  • Be sure to authenticate both the device and user before granting access. Mobile devices are often shared and could hold more sensitive information than just new baby photos or a high Angry Birds score.
  • Effective session management is key to lessening the risk of man-in-the-middle attacks. Make sure time limits and auto-locks are put in place to control this issue.
  • Take into account the context of your user with details like time, network, location, device characteristics and role, so that appropriate counter measures can be taken if a threat arises. Calculating this risk can help select the appropriate action for authentication, identify corresponding authorization policies to deploy and provide the user with best security practices for future use. To protect against mobile rooted attacks, access management threat protection needs to actively be addressed and countered.

Recently, companies have seen an increase in the cost saving benefits of sourcing technology services – like software, platforms and infrastructure – from cloud-based providers.

Using cloud technologies to deliver new services or content helps organizations save both valuable time and money. As more and more businesses launch new cloud offerings or deploy cloud-based solutions, secure access must be factored into the equation.

First, develop a robust single sign-on solution that can securely group identities across networks to improve user experience. The use of third-party identity providers like Google, Facebook or LinkedIn to authenticate the user is a growing trend among organizations. 

Next, a cloud access management solution needs be intelligent enough to assess the risk of a specific access attempt based on previous attempts by the user. To manage costs and compliance, organizations can enforce a flexible management policy for authorizing access.

IBM is a prime example of a business that has recognized these trends and embraced them. We continue to address changing requirements with the IBM Security Access Manager (ISAM) solution for cloud and mobile. To help businesses assess risk and adapt accordingly, ISAM now enables context-aware access control.

With 91% of people keeping their mobile device within arm's reach 100% of the time, the need for securely controlling access through mobile devices is no longer “a nice to have” it’s “a need to have.”   

About the Author

Dr. Nataraj (Raj) Nagaratnam is an IBM Distinguished Engineer and Chief Technology Officer for Security Solutions in IBM Security Systems. In this role, Raj leads cross IBM technical strategy for security solutions including mobile security, and cloud security; drives integration and innovation projects.

Featured

  • Planning for Your Perimeter

    Planning for Your Perimeter

    The perimeter is an organization’s first line of defense and a critical element of any security and surveillance program. Even if a building’s interior or exterior security is strong, without a solid perimeter surveillance approach any company or business is vulnerable. Read Now

  • The Key Issue

    The Key Issue

    It is February 2014. A woman is getting ready in her room on a cruise ship when she hears a knock on the door; it is a crewmember delivering breakfast. She is not presentable so she tells him to leave it by the door. Read Now

  • Achieving Clear Communications

    Achieving Clear Communications

    Technology within the security industry has adapted to numerous changes through the years, from the early days of analog devices to today’s IP-based solutions, networked cameras, and access control solutions, in addition to analytics, cloud-based products, virtual security guards, and more. Read Now

  • Taking Flight

    Taking Flight

    Airport security is a complex system that incorporates multiple technologies to ensure the safety and security of travelers, employees and the facility itself. Sound-based technologies are integral pieces of this system, providing means of communication, notification and monitoring. Read Now

Featured Cybersecurity

New Products

  • PACE® Long Range Ethernet Solutions

    PACE® Long Range Ethernet Solutions

    Altronix introduces the newest addition to its portfolio of PACE® Long Range Ethernet Solutions. 3

  • ComNet NW1 Gen 4

    ComNet NW1 Gen 4

    ComNet, Communication Networks, is announcing the introduction of its Generation 4 line of NetWave® wireless products that offer greater performance and increased stability in applications where throughput and increased bandwidth is increasingly important. 3

  • Camden Door Controls Application Spec Guide

    Camden Door Controls Application Spec Guide

    Camden Door Controls, an industry-leading provider of innovative, high quality door activation and locking products, has published a new application spec guide for specification writers designing a wireless barrier-free restroom control system. 3