How to manage identity in a hybrid cloud environment


By Chad McDonald, CISO, Radiant Logic

Thanks to the COVID-19 pandemic, the professional landscape has drastically changed for most organisations, with many adopting a hybrid working environment. As a result, many businesses moved towards hybrid cloud environments in order to ensure that both on-prem and cloud environments are supported. However, there’s a catch.

For decades, businesses have been storing their identity data across multiple sources – many requiring different protocols and standards – resulting in a fractured and siloed infrastructure. Hybrid cloud environments need to integrate identity data from on-premise and the cloud in order to create a seamless user experience and provide maximum security. However, organisations are struggling to achieve this.

In conversation with Chad McDonald, CISO at Radiant Logic, we spoke about security challenges that come with cloud and how organisations can control identity within their hybrid cloud environment.

How do Identity Access Management challenges cause stress for executives?

When organisations suffer from an identity sprawl it results in identity data being inaccessible, overlapping and conflicting. This makes it near on impossible for IT teams to build accurate and complete user profiles, ultimately leading to a security risk.

One of the easiest ways for threat actors to get into an organisation’s system is by accessing ghost or stranded accounts. IT teams are unsure who should exactly have access to what, and they don’t always have visibility into which accounts have been provisioned or deprovisioned. Threat actors can use these forgotten identity credentials to access restricted areas of the network and cause significant damage to an organisation’s systems, all whilst remaining virtually undetected.

Furthermore, due to remote working, employees are now accessing data from the cloud as standard, and the number of connected systems and availability of these systems has triggered many cyber threats. Traditionally, the data was stored in a data centre, but now a lot of critical data has been saved on the cloud as companies move towards a cloud-first mentality or strategy.

This means that companies now have to manage data in the cloud as well as data stored on legacy systems, which has put the firms under a lot of stress. Businesses cannot move to cloud-based data storage overnight and hence need to have their legacy systems in place as well. In a recent report from Gartner Peer Insights, 60% of executives said that legacy systems are still very important, while 31% agreed that they are moderately important.

Limited resources and the growing footprint of IT lead to an expanded attack surface, meaning that IT teams struggle to maintain full visibility across their systems and a security breach is an accident waiting to happen. Therefore, organisations need to start a comprehensive identity data management strategy.

How can stronger identity data management help organisations in hybrid cloud environments?

Historically, we’ve thought of identity in a physical sense and built a perimeter with firewalls and network security controls in order to protect it. However, when an organisation takes their data to the cloud this perimeter is erased.

The intent of the cloud is to provide high availability from anywhere at any time. That availability is a boon for appropriate users, but it can be dangerous in the wrong hands. So, without the proper security protocols in place, the cloud puts organisations at risk.

Enterprises need to be able to identify users, properly authenticate them, and manage their entitlements before they are able to access certain areas or assets. However, in order for this to happen, access control needs to be granular, which in turn requires accurate and complete identity data.

By having an authoritative pipeline of identity data, IT teams are able to accurately identify who each user is and what they are allowed to access. Ideally, the organisation will leverage some type of intelligence, such as Machine Learning, Artificial Intelligence, or Behavioral Analysis to further ensure that the context of the authorised usage of the identity and data is aligned with normal and approved activity. This then gives IT teams complete visibility over their network and, ultimately, tightens security gaps. On a strategic business level, having a global view of identity data makes it possible to achieve improved performance and outcomes, greater security and compliance, expedited time to market, and other benefits.

What is an Identity Data Fabric and how can it unify distributed identity data?

Organisations can greatly improve visibility by unifying their identity data with an approach called an Identity Data Fabric. This enables a single pane of visibility for all identities to highlight redundancies in identities, ghost accounts, and profiles with unnecessarily high privileges.

By working at the data layer rather than the application layer, an Identity Data Fabric approach unifies identity data from all sources, be it stored on the cloud or on-prem. Applications and systems can hence access identity data from anywhere at any given point, irrespective of the formats or protocols they use.

Identity data fabric also allows an organisation to partition or carve identity data in order to limit exposing an entire identity store to an application or user if it isn’t warranted. Hence, an employee or application can only view the data that is relevant and not the entire data archive, reducing the chance of a security breach from a potential disgruntled insider threat or compromised application. 

Accuracy, efficiency and security are the three components to ensure that hybrid cloud environments meet the needs of the business. Building an Identity Data Fabric offers a single source of identity, which can serve both immediate and long-term cloud migration projects.

A key takeaway from this in-depth view into identity protection is that the best time for a company to start their identity protection program is now. Managing identity will only become more difficult as IT environments continue to grow in scope and complexity, so the sooner firms act, the better.

 
