MANAGING IDENTITY
IN THE CLOUD IS
RISKY BUSINESS
Cloud technology has transformed the way
businesses and organisations operate, enabling
increased efficiency among many other benefits.
But it has also opened doors for cybercriminals.
TrustBuilder CEO Marc Vanmaele explores how
businesses can give users the access they need,
while keeping cybercriminals out.
D
igitisation has
connected us.
Businesses are
now able to
interact quickly
with thousands,
if not millions, of
customers and partners every day. But
as digitisation forces organisations into
the cloud, the situation is becoming
complicated. There are many services
for organisations’ employees and
customers to log in to, hosted over
multiple platforms that include the
business premises, the public cloud,
private cloud and third-party systems. come from outside intruders and insider
threats are another serious concern.
While this means that data and
applications can be accessed wherever
users may be, it has also opened
doors for cybercriminals. According
to Verizon’s 2018 Data Breach
Investigations Report, 73% of threats Before the clouds came
72
It’s becoming clear that traditional
defences such as firewalls alone are no
longer enough to protect the company’s
data – or their customers’.
If user experience isn’t as slick and
secure as it can be, it can result in loss
of employee productivity and loss of
customers. There is a clear need to
bridge these environments to provide the
best experience for users while keeping
sensitive information secure. Let’s explore
how organisations can achieve this.
At one time, businesses’ IT departments
could manage ID and access for their
users. Apps were hosted on-premise
and businesses were protected from
Marc Vanmaele, CEO, TrustBuilder
cybercriminals if their endpoints were
protected by firewalls. It wasn’t exactly
simple but it was manageable. But as
Internet connections grew, becoming
more reliable, fast and widespread,
apps started moving to the cloud. While
this meant business applications and
data could be accessed conveniently
from any location, it also expanded
organisations’ attack surface beyond
the IT department’s reach.
With so many applications to access
and so many being managed offsite
by third parties, the landscape
became complicated. Trying to give all
employees, partners and customers
access to what they need without
putting security at risk became
difficult – particularly as apps could be
accessed offsite.
Issue 05
|
www.intelligentciso.com