Access Management In A Cloudy, Mobile World

Access Management In A Cloudy, Mobile World

Lately, I’ve noticed that user access management is a recurring topic of discussion with customers and partners. Two major trends transforming industries today – mobile and cloud – are acting as catalysts for a renewed focus on this critical area of security.

As mobile devices proliferate at a staggering pace, enterprises see a rich new channel through which to reach customers. Enterprises are also realizing that a much larger set of employees want to use mobile devices – which can enhance individual productivity as well as generate business value.

We’re in the BYOD era, where secure access to enterprise resources is key for all mobile deployments. Secure mobile access has some unique requirements:

  1. Since mobile devices are shared more often it’s important to authenticate both the user and the device before granting access.
  2. To mitigate the threat of man-in-the-middle attacks, emphasis must be placed on strong session management capabilities.
  3. The risk of granting access to the user based on their context (time, network, location, device characteristics, role etc) needs to be determined so appropriate counter measures can be taken. This risk calculation can help select the appropriate authentication scheme(s), identify corresponding authorization policies to enforce, and provide the user with information on security best practices. Additionally, threat protection from access requests needs to identified and countered to protect against mobile-borne attacks.

In the past few years, organizations have had growing economic incentives to source their technology services from cloud based providers – from software, to platforms, to infrastructure.

Cloud deployments help organizations improve time to value for delivering new services or content, while also avoiding capital expenses. As an organization employs cloud-based solutions, or launches its own cloud offerings, secure access needs to be a top security consideration.

To improve user experience, a robust single sign-on solution that enables secure federation of identities across domains becomes critical. Some organizations are beginning to employ third-party identity providers (i.e. Google, Facebook, LinkedIn) to authenticate the user. However, first consider if the identity provider has been compromised.

A cloud access management solution needs be able to assess the risk of a specific access attempt based on security events related to the user. In cloud environments a flexible policy management and enforcement infrastructure (for authorizing access) grows in significance in order to adapt to dynamic interactions with cloud services for cost management and compliance.

Over a year ago, IBM leadership began a concentrated effort to address these new requirements in the IBM Security Access Manager (ISAM) solution for cloud and mobile, which now enables context-aware access control to help organizations assess the risk of each interaction and adapt accordingly.

The risk of an interaction may motivate the use of different forms of authentication schemes or provide the user with differentiated authorization to data or services. To compute the risk the user’s device and the application can be taken into consideration. Expect to hear more about the needs of a mobile enterprise with cloud ambitions in 2013!

By Vijay Dheap, Product Manager and Master Inventor, IBM Security Systems

Vijay currently leads Mobile Security Solutions for IBM.  He started off his career as a researcher in the field of Pervasive Computing, and then evolved his technical expertise as a developer on IBM’s mobile portal product.  He transitioned to an analyst role gaining experience formulating IBM’s technical and business strategy for emerging technologies such as Web 2.0, Big Data and Mobile as a member of IBM’s Emerging Technologies Team.  He joined IBM’s newly formed Security Division as a Product/Solution Manager.  He has significant international experience having led several customer engagements on four continents.  Vijay earned his Master’s in Computer Engineering from University of Waterloo, Canada and his International MBA from Duke Fuqua School of Business.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
When Sci-Fi Predictions Come To Fruition

When Sci-Fi Predictions Come To Fruition

Evolution of Technologies To paraphrase science fiction author Arthur C. Clark, those who make predictions about the future are either “considered conservative now and mocked later, or mocked now and proved right when they are no longer around to enjoy the acclaim.” The one thing we can be sure about, Clark ventured, is that “[the…

Facebook Hopes To Extend Internet Connectivity With Solar-Powered Drones

Facebook Hopes To Extend Internet Connectivity With Solar-Powered Drones

Facebook Inc (FB.O) said on Thursday it had completed a successful test flight of a solar-powered drone that it hopes will help it extend internet connectivity to every corner of the planet. Aquila, Facebook’s lightweight, high-altitude aircraft, flew at a few thousand feet for 96 minutes in Yuma, Arizona, Chief Executive Mark Zuckerberg wrote in…

When Will Women In Tech Become The Norm?

When Will Women In Tech Become The Norm?

Tech Diversity It is well known that the technology industry has been dominated by men, but it is also clear that the industry is working to change that. Diversity in the tech industry, especially where it applies to women in tech, has been a topic of discussion for years. Recently the Washington Technology Industry Association…

Four Keys For Telecoms Competing In A Digital World

Four Keys For Telecoms Competing In A Digital World

Competing in a Digital World Telecoms, otherwise largely known as Communications Service Providers (CSPs), have traditionally made the lion’s share of their revenue from providing pipes and infrastructure. Now CSPs face increased competition, not so much from each other, but with digital service providers (DSPs) like Netflix, Google, Amazon, Facebook, and Apple, all of whom…

Edtech and Virtual Reality – Exciting Learning Environment

Edtech and Virtual Reality – Exciting Learning Environment

Customizing Edutech Customized edtech learning solutions are becoming more commonplace as the education industry recognises their potential and begins transforming the traditional structures so as to incorporate innovative developments. From textbooks to tablets, chalkboards to virtual reality, edtech promises not only dynamic and exciting learning environments but better learning strategies and solutions. Virtual Reality and…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole. In 1983, the first commercially handheld mobile phone debuted and provided workers with an unprecedented amount of availability, leading to more productivity and profits. More recently, the Cloud has taken…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

Report: Enterprise Cloud Computing Moves Into Mature Growth Phase

Report: Enterprise Cloud Computing Moves Into Mature Growth Phase

Verizon Cloud Report Enterprises using the cloud, even for mission-critical projects, is no longer new or unusual. It’s now firmly established as a reliable workhorse for an organization and one that can deliver great value and drive transformation. That’s according to a new report from Verizon entitled “State of the Market: Enterprise Cloud 2016.” which…

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things

Monetizing Internet Of Things There are many interesting ways in which companies are looking to connect devices to the cloud. From the vehicles to kitchen appliances the internet of things is already a $1.9 trillion dollar market based on research estimates from IDC. Included is a fascinating infographic provided by AriaSystems which shows us some of the exciting…

10 Trending US Cities For Tech Jobs And Startups

10 Trending US Cities For Tech Jobs And Startups

10 Trending US Cities For Tech Jobs And Startups Traditionally actors headed for Hollywood while techies made a beeline for Silicon Valley. But times are changing, and with technological job opportunities expanding (Infographic), new hotspots are emerging that offer fantastic opportunities for tech jobs and startup companies in the industry. ZipRecruiter, an online recruitment and job…

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Off Premise Corporate Data Storage Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted,…

Cloud Infographic – Big Data Predictions By 2023

Cloud Infographic – Big Data Predictions By 2023

Big Data Predictions By 2023 Everything we do online from social networking to e-commerce purchases, chatting, and even simple browsing yields tons of data that certain organizations collect and poll together with other partner organizations. The results are massive volumes of data, hence the name “Big Data”. This includes personal and behavioral profiles that are stored, managed, and…

Cloud Infographic – Guide To Small Business Cloud Computing

Cloud Infographic – Guide To Small Business Cloud Computing

Small Business Cloud Computing Trepidation is inherently attached to anything that involves change and especially if it involves new technologies. SMBs are incredibly vulnerable to this fear and rightfully so. The wrong security breach can incapacitate a small startup for good whereas larger enterprises can reboot their operations due to the financial stability of shareholders. Gordon Tan contributed an…