​Securing your identity when you’re up in the cloud

By Kevin Cunningham, President and Co-founder at SailPoint

In the last year alone, CIO mandates to only adopt cloud applications increased considerably. Research from IDC claims that by 2019, IT managers and enterprises will be spending more than $US141 billion annually on cloud services.

As enterprise cloud adoption grows across Australia and globally, IT managers face an entirely new set of considerations when it comes to data privacy exposures, security breaches and compliance issues. Before organisations can reap the full benefits of the cloud, IT managers face three key challenges.

First, as organisations make the move to the cloud, they often still continue to have a number of critical applications remaining on-premises – in some cases, for many years to come. Even for firms with a “cloud-first” mandate, any cloud-based identity management solution must cover all the bases by providing comprehensive coverage to the hybrid IT environment.

Secondly, in today’s BYOD world, employees can use their personal devices to access corporate accounts in the cloud. IT managers need visibility into and control over this environment where the “network perimeter” is essentially dissolved. Often, the only link IT has between the end-user on a smartphone and an account for a SaaS application is the user’s identity. Effectively managing identity is the key to governing the perimeter-less enterprise.

Lastly, unstructured data is exploding in the enterprise and out to the cloud in storage systems such as DropBox. This data was previously kept secure in a database or application, but in the name of convenience and collaboration, is now distributed in a largely uncontrolled fashion. With sensitive data potentially making the move to cloud storage services, it is critical for firms to understand and manage where this data exists and who has access to it.

A crucial shift in approach

In order for organisations to make the most of the cloud without exposing themselves to security and privacy concerns, there needs to be a shift in the overall approach to IT security. One key way to do this is to ensure that identity is at the centre of your IT and security approach. Understanding identity is often the most critical element to avoiding common cloud challenges.

To do this effectively, the historic barriers and separate silos of security and operations processes need to be broken down. IT managers need better visibility into who is doing what and what kind of risk that represents, so organisations can be more proactive in dealing with threats in real-time – across the entire hybrid IT enterprise infrastructure.

A cloud-savvy future for identity governance

The ability to manage and control identities across the hybrid IT environment while securely migrating to a cloud enterprise requires sound identity governance. There is a new generation of cloud-based identity governance solutions that meet hybrid IT environment needs while extending the benefits of the cloud. However, as with all new markets, there will be technology claims that may exceed a vendor’s ability to deliver. It’s vital that IT managers know what to look for to choose the right vendor:

Connect: A comprehensive cloud-based identity governance must be able to connect to all enterprise systems, from the legacy applications that have been in use for years to the SaaS applications that are being adopted today. IT managers need visibility into all the information about an identity, across all the applications an enterprise uses, all the data it has, and across all users – no matter where they are located or what devices use.

Govern: It may seem obvious, but cloud-based identity governance should also be able to govern everything. Organisations must have a grasp of who should have access, who actually has access, and what users are doing with their access to applications and data for all users. This requires the ability to define a desired state and continually assess where access is not aligned with the model.

Empower: IT managers must empower their users to work how they like to work, wherever they are and on whatever device they want to use. This enables organisations to safely increase collaboration both inside and outside of the network.

By treating identity as a company-wide initiative, organisations can ensure visibility, control and governance to all data and applications. Only by taking an ‘identity-first’ governance approach can IT managers help their organisations become ‘cloud-first’ over time. Identity governance forms the foundation for maintaining a safe IT environment as more and more Australian organisations shift to the cloud.