Cloud computing is establishing itself as an integral part of enterprise IT and security infrastructure, with growing challenges to business operations hastening its adoption. The allure is evident, from cost savings and speed of deployment, to flexibility and simplicity. This is especially true among those organisations dealing with distributed workforces and a high turnover of contract workers.
As companies transition more of their IT operations to the cloud, we see a degree of rising concern about the challenges of creating flexibility while keeping control of users and data. In fact, in our recent Market Pulse Survey, 74 per cent of respondents cite their people – which includes regular employees, part-timers and the increasing number of contract workers – as the main exposure point for the organisation – the weak link in the chain. The rise of shadow IT (42 per cent) and poor password hygiene (24 per cent) being among the main contributing factors to this.
The cloud is changing how we work – employees can access business applications in the cloud completely external to the enterprise network. Gartner estimates that by 2020, 90 per cent of enterprises will have a hybrid environment where on-premises applications and services co-exist with applications in the cloud. There are many benefits to this, including greater flexibility and agility for IT teams dealing with legacy systems. However, it’s also presenting new challenges. The sensitive data that users have access to now extends across both on-premises and cloud environments. Therefore, security must be centred on the user regardless of application location. With this in mind, how would you go about managing identities in a distributed working environment?
Identity in the cloud
Identity enables organisations to securely adopt new cloud technologies while still being able to have full visibility and control over who has access to what sensitive information. With more users coming and going, accessing critical systems and applications in order to do their jobs, there is more data to protect across a wider population of users than ever before. It is increasingly spread far and wide, and often outside the perimeter of the corporate firewall. So while the cloud enables scalability, it also creates additional security concerns that must be dealt with proactively.
[easy-tweet tweet=”Identity in the cloud is about more than just security.” hashtags=”Cloud, Security”]
When identity governance is delivered from the cloud itself, it offers the crucial security, compliance and automation that organisations need while also offering all the deployment and operational benefits of a cloud-based solution.
Identity in the cloud is about more than just security. The cloud has effectively become an agile service, offering businesses the flexibility to deal with distributed and centralised workforces at the same time. Which is perfect for the growing trend of self-employment and gig work in the UK. More people are becoming self-employed, with around 15 per cent of UK workers today falling into this category. There’s no real hard numbers on the number of gig workers, but estimates are at around 1.1 million.
As a business evaluates moving critical business infrastructure such as identity management into the cloud, there are some factors to consider. Particularly, on how to evaluate and select the best governance solution for the organisation. Since IAM logically belongs at the centre of an organisation’s IT operations and security strategy, how it will affect the organisation as a whole as well as its users’ needs to be considered.
Whether an organisation is implementing identity governance for the first time or transitioning from an on-premises IAM solution, it’s important to take a holistic approach to business requirements and how they are addressed. Common business drivers for identity governance include protecting the organisation from internal and external security threats, meeting regulatory compliance requirements, enabling the business with convenient access services and lowering operational costs.
Building a cloud-based identity governance strategy
In order to meet security, compliance and business enablement goals, organisations should put a comprehensive plan in place for how to deliver all the critical governance services required – from user provisioning to password management, access certifications and access request. Solutions that provide a broad set of capabilities on a single platform should be considered front and foremost. It’s also important to consider how well a solution integrates with complementary solutions such as helpdesk, HR systems, and privileged account systems. This helps avoid integration problems. Taking an all-encompassing approach from the outset will ensure organisations don’t face any underlying issues later on.
Today’s enterprises are increasingly becoming cloud enterprises. Combining the power of identity with the cloud, an organisation can ensure safer, more efficient and better-protected data and users – whether they’re working for a day, a month or a year. What’s more, these enterprises are free to do what they set out to do in the first place: improve the organisation. Whether it’s gaining a competitive advantage, chasing new growth opportunities, or providing a better customer experience. The empowerment organisations gain with identity governance is what allows them to be confident, fearless and unstoppable. Put simply, identity provides the power to make the cloud enterprise secure.
Kevin Cunningham, President & Founder at SailPoint
In his role as president of SailPoint, Kevin oversees product development, marketing, sales, operations and services. As co-founder of SailPoint, Kevin’s goal from the beginning was to build a forward-looking, agile company with the experience to deliver better service and superior innovation to customers. SailPoint combines all the flexibility of a small entrepreneurial company with a seasoned, experienced management team that brings deep expertise to the identity management space.
Under Kevin’s leadership, SailPoint has achieved landmark growth, posting significant revenue gains, expanding the customer and employee base, and building a global presence. Kevin works continuously to sharpen SailPoint’s strategic focus and to align strategic partnerships and corporate development with long-term expansion opportunities.
Kevin previously served as founder and vice president of marketing for Waveset, where he turned ground-breaking innovation into tangible market results. Following the acquisition of Waveset by Sun Microsystems, Kevin led strategic product initiatives for Sun’s software portfolio. Kevin has also brought innovative technologies to market for companies including IBM/Tivoli Systems and UniSQL.