Rethinking Access Management: A Modern Approach for A Modern Workforce

With a more modern workforce armed with mobile devices and a work-anywhere-anytime mentality, it’s time to rethink your approach to access management.

rsa bp article 2 istock 105937490 copy

It’s the infamous joke we’ve all used at one point or another – “Knock, knock. Who’s there?” When it comes to identity management, knowing the answer to this question is mission critical. You need to be 100% confident that your users are who they say they are -- whether your employees, contractors, customers and partners are accessing your data, applications and systems in the cloud, web, or on-premises.

Why? Because weak, default, and stolen user credentials have been used in 81% of confirmed data breaches.

Not surprisingly, in a recent IDG survey of IT professionals, sponsored by RSA, 68% of respondents cite a high-level of concern regarding the risk of a cybersecurity attack resulting from compromised identities.

The emergence of identity as a major threat vector places a premium on delivering convenient and secure access across your mobile endpoints. Today, those endpoints are expanding, along with an increase in cloud applications. Islands of identity that have been created as a result are a concern for 47% of respondents. We’re talking about the loss of central IT control and visibility over user credentials and authentication for disparate mobile, social, and cloud applications. And that makes all of these users – and their identities – are vulnerable, potentially exposing your organization to unauthorized users.

Human endpoints are growing too, and 51% of respondents say that expansion of the user base is a top security concern. New users include external partners, vendors, suppliers, audit teams, consultants, and customers. Only 24% of respondents felt confident that they could enforce access control policies for these new users. In addition, third-party users whose companies have weak data safeguards and security controls offer a “backdoor” for attackers into your organization.

The prevalence of mobile devices today has fueled a culture of users who are accustomed to convenient access. Touch ID for the iPhone and biometrics for Android have set expectations for consumer-level convenience in the workplace, particularly with BYOD. A large majority (85%) of respondents, though, say that user convenience has been compromised to some extent in their organizations in order to enforce access control policies. The problem for 26% of respondents is that inconvenient authentication controls often are ignored or subverted by their users, which ultimately puts the organization at risk.

It is not surprising, given these concerns, that 51% of respondents look for strong authentication that passes audits and meets regulatory compliance (PCI, PII data, HIPAA, etc.) as the most important identity management feature when evaluating identity management solutions. Other essential features include the ability to address authentication anywhere, any time, and from any user or device (49%), context-aware and step-up authentication (49%), as well as the ability to integrate with applications up and down the stack – on-premises, legacy, web, and SaaS (47%).

If you’re having difficulty authenticating the answer to “who’s there?” when users are knocking at your entry points, you are not alone. Nearly half of the respondents are evaluating or plan to invest in a new identity management solution in the near future.

Take a more modern approach to multi-factor authentication and you’ll gain unwavering confidence that your users are authentic. Find a solution with an intelligent, frictionless, convenient, and secure way for users to access your valuable on-premises or cloud applications and data. A solution that employs multi-factor authentication through a variety of advanced mobile authenticator options including push authentication, biometrics, and if needed, hardware and software tokens. A more modern authentication solution that can leverage contextually-relevant data and risk-based analytics to help automate key access decisions while managing the islands of identity, and ultimately, enabling the business to accelerate while mitigating identity risk.

Read more about delivering convenient and secure access to the modern workforce in a new eBook and see how a modern multi-factor authentication solution can help you be more sure when users come knocking. Download the eBook.

Copyright © 2017 IDG Communications, Inc.