sb-as logo
Story image

Three access management trends making waves in APAC

08 Nov 2018

Article by Auth0 CEO and co-founder Eugenio Pace

 In an attempt to prevent the growing pandemic of cyber crime, hacks, and breaches, companies are turning to Identity and Access Management (IAM) as a crucial piece of the equation when building or modernising any application or web service.

In fact, a recent industry report by Report Buyer forecasts the world of consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.

This growth comes as no surprise, with a whopping 22 million personal records exposed in the first half of 2018 alone.

In APAC, the figures are even more staggering – 67% of APAC countries suffered job losses as a consequence of cyber attacks in a single year, and recent reports measured the total economic impact of cyber attacks in APAC at an annual US$1,745 trillion – seven percent of the region’s total GDP.

Thankfully, identity access management is rapidly ascending on the Asia Pacific enterprise shopping list, and APAC accounts for the highest growth rate in the entire global IAM market.

Cyber crime affects every business - large and small - but the larger the enterprise, the more that’s at stake.

It’s vital to keep a finger on the pulse of emergent cybersecurity trends, and here are three that should be high on every APAC CIO’s agenda:

1. Risk-based security is arming enterprises

Recent IBM-backed studies estimate the cost of data breaches to be at around $3.72million each. Most of these breaches involve some sort of phishing, a form of identity theft that has been unswayed by old multi-factor authentication solutions.

The sophistication of these attacks are so high, and so pervasive, that traditional means of security user identity are falling short. 

Using risk-based security and having measures in place to thwart the efforts of cybercriminals is much more effective. 

Multifactor Authentication, Breached Password Detection, and Anomaly Detection are essential pieces of any IAM strategy, and users’ real-time data (including time, location, source device, browser and network reputation) are tracked to rate the security of a login attempt.

If flagged as suspicious, the attempt is red-flagged and these measures are put into place, providing additional layers of protection.  

2. Urgent GDPR-compliant adoption enabled by extensible IAM

“Just like the size of an iceberg, the economic loss for organisations suffering cybersecurity attacks can be often underestimated,” warns Microsoft Asia enterprise cybersecurity group director Eric Lam.

Now, in the wake of the EU’s new GDPR regulations, these economic risks have increased tenfold for companies around the world, with fines of up to 4% annual revenue waving a warning flag.

Obviously, increased identity governance has had to take priority – even in non-EU countries – after the legislation placed identity ownership back into the hands of individuals, empowering them with explicit permission, the “right to forget”, increased transparency, permanency of records, time limits on reporting breaches, and further consequences for companies not complying.

With regulations still evolving (and sure to evolve elsewhere in the market), companies need better (and more flexible) data management tools that help them evolve too - with immediate effect.

So, extensible IAM solutions that help jumpstart identity innovation and enable immediate GDPR compliance are taking centre stage.

Easy-to-deploy access security software enables tech decision makers with a developer/hacker mindset to implement fast and effective measures in their enterprises across all use cases, with the flexibility to expand into any direction.

3. Companies need one-stop shops

As cloud technologies, BYOD, remote work policies, and IoT devices infiltrate workplaces, IDaaS (Identity-as-a-Service) is becoming increasingly popular as a one-stop shop for access management.

IDaaS platforms help secure multiple logins across intricate combinations of legacy and cloud platforms in evolving hybrid enterprises.

Enabling companies to compile myriad access points in one seamless interface is a powerful way of providing oversight over all points of vulnerability, regardless of device or user, and improves the user experience of security management for every person involved.

After all, security is no longer just the responsibility of the CIO or CSO.

Employees have increasing power over their own data, and need to be given the knowledge, support and positive user experience in order to remain on board with solutions and measures that help protect their identities.  

Story image
IBM integrates Okta identity solutions to cloud offerings
“We’re excited to formalise the partnership to provide our joint customers with the technology to help secure their organisations.”More
Story image
Email attacks up 667% following rise of COVID-19 worldwide
Of the COVID-19 related attacks detected by Barracuda Sentinel through March 23, 54% were scams, 34% were brand impersonation attacks, 11% were blackmail, and 1% are business email compromise.More
Story image
Online retailers lose millions as 1/3 of customers forget password at checkout
Recently released research has found about one in three of online purchases are abandoned at checkout because people cannot remember their password to access their account and confirm their purchase.More
Story image
Remote workers need to improve security measures amidst COVID-19
Technological support and security measures are amongst ways organisations and their employees can protect their business as they move to remote working during the COVID-19 pandemic. More
Story image
Mentorship key to bringing women into cybersecurity - Microsoft
“Diverse teams make better and faster decisions 87% of the time compared with all male teams, yet the actual number of women in our field fluctuates between 10 and 20%. What ideas have we missed by not including more women?”More
Story image
Interview: RSA explains security in the epoch of IT disruption
We discussed cybersecurity in terms of how it fits into business continuity, as well as the threat landscape, and what RSA is currently doing to assist businesses that need protection.More