Cloud adoption is accelerating for most enterprises, and cloud computing is becoming an integral part of enterprise IT and security infrastructure. Based on current adoption trends, it’s clear that the vast majority of new applications purchased by organizations will be SaaS applications. The allure is evident, from cost savings to speed of deployment to flexibility and simplicity.
Industry experts predicted the cloud migration would stop short of mission-critical applications, though, because of the prevalent belief that on-premises systems are more secure than those in the cloud. Instead, cloud adoption has accelerated because of users yearning for simplicity, convenience and lower cost of ownership.
Now, it’s clear that cloud apps are the future for enterprises. However, the benefits of the cloud can be negated if it leaves a business exposed to security breaches and compliance issues.
An organization’s security profile changes with the cloud for a variety of reasons. First, enterprises must grapple with the explosion of cloud apps that can be procured outside of IT’s purview, as well as manage and enable a globally distributed workforce that blurs the lines between employees, contractors and partners. Complicating this new security dynamic is the fact that even as enterprises aggressively move to a cloud-first IT strategy, they will realistically need to manage legacy applications that reside on-premises for the foreseeable future.
This is further compounded by the evaporation of the network perimeter. Attacks are no longer made against an enterprise’s network defenses as much as phishing and social engineering attempts are made against its users. Network and endpoint security simply aren’t enough. More than ever before, organizations need to understand protecting identity is critical, and in many cases, it’s the only linkage IT and security have between the user and the applications and the data they can access.
Successfully managing the adoption of SaaS applications – and securely migrating to a cloud enterprise – requires identity governance.
Securing the cloud enterprise can be done; the question is how? By taking a user-centric approach to cloud security to make sure you’re managing what applications and data your customers, partners and contractors – your identities – can access, as well as what can be done with that access.
• Connect to everything. Your identity governance solution must be able to connect to all an enterprise’s systems, from the legacy applications that have been in use for years to the SaaS applications that are being adopted today.
• See everything. You need visibility to all the information about an identity, across all the applications an enterprise uses, all the data they have, and across all users – no matter where they are located or what devices they may use.
• Govern everything. You need to know who does have access, who should have access, and what users are doing with their access on all your applications for all your users and for all your data.
• Empower everyone. Let your users work how they like to work, wherever they are and on whatever device they want to use.
The dynamic and complex nature of securing access while enabling cloud applications requires a new approach. Managing shadow IT accounts and securing these within established IT governance parameters is a particular challenge that IT teams must be on top of. Not securing these accounts to a high enough standard could have damaging effects in terms of asset loss, causing further internal disruption.
One approach is for IT to become a “cloud service provider” – an internal market and a central resource that provides identity and access services to departments, making it easy for users to gain access to cloud applications while simultaneously ensuring that security and compliance requirements are met.
Rather than have employees scouring the web for cloud applications, IT can instead deploy apps that have been tested and pre-approved. This, in turn, provides IT departments with a holistic view of employee activity across the cloud.
Another problem resulting from cloud update is the management and regulation of intellectual property and determining where the data actually resides. With company files, documents and potentially sensitive material making the move to a network of remote servers, organizations must better manage and curtail access to these important assets. Some applications may reside on-premise or in the cloud – known as a hybrid cloud solution. If an organization is struggling to gain control over cloud applications, using an Identity and Access Management technology that actually resides in the cloud will solve those problems.
Full cloud adoption may take several years, and for many organizations, a 100% cloud infrastructure may not be a reality anytime soon. But, the market is definitely heading toward more cloud computing than less, and regardless of where a company falls on the migration path, it’s important that organizations don’t sacrifice security along the way. Identity governance plays a critical role in securing the cloud enterprise and enabling that migration.
By Kevin Cunningham, Co-Founder and President of SailPoint
Kevin oversees product development, marketing, sales, operations and services.
Kevin previously served as founder and vice president of marketing for Waveset, where he turned ground-breaking innovation into tangible market results. Following the acquisition of Waveset by Sun Microsystems, Kevin led strategic product initiatives for Sun’s software portfolio. Kevin has also brought innovative technologies to market for companies including IBM/Tivoli Systems and UniSQL.
