Identity: The new common language of data - and the new security perimeter
According to IT provider Empired, the digital world has opened up a new world of possibilities for enterprise security. Data is no longer bound by four walls and firewalls are now open to business partners, suppliers and cloud services.
Even web-facing consumer cloud services are more vulnerable to hacking than ever, and it is important that organisations move beyond their conventional views, the company says.
“The reality is there are no more boundaries for corporate data. With so many services in so many locations it’s no longer possible to draw a line around the network, which calls into question how to protect it,” explains Empired’s national business manager of cloud design and integration, Jaen Snyman.
“With data stored on-premises, in permitted cloud services, in unknown cloud services, on corporate devices, and on unmanaged devices, data has moved beyond the network, which means we need a new security perimeter.”
Identity could be the new common language of data – or the new control plane. It should also make up the new security perimeter, Empired explains.
Identity is also about who a user is rather than where they are. Digital identities are, in fact, about much more than a simple username and password.
“With identity as the control plane, who you are can be used to get access to different data within the organisation, whether users are in the office, at home, or somewhere else,” Snyman says.
“Further, using identity provides an additional layer of protection. For example, if an employee usually accesses particular data in the office and is suddenly trying to access this from a different location, this could raise a red flag and prompt the system to ask further questions to verify the identity of the person accessing the data.”
The company says there are three approaches to identity-driven security.
1. Protecting the front door: Safeguard resources at the front door with innovative and advanced risk-based conditional access.
2. Providing layered protection: Gain deep visibility into user, app, device, and data activity on-premises and in the cloud.
3. Detecting attacks before they cause damage: Uncover suspicious activity and pinpoint threats with deep visibility and ongoing behavioural analytics.