Today's top stories

More Apps and Devices in More Places: How Will You Ever Manage?

If your identity and access management challenges seem to be more daunting than ever, a new research report backs you up—and offers actionable recommendations to help you out.

shutterstock 576859549
Shutterstock

It’s official: People are using more devices in more places to access more kinds of applications, and that’s making things tough for identity teams. According to the new research report Pragmatic Identity and Access Management from Enterprise Management Associates (EMA), the increasing reliance today on distributed applications makes it more challenging to manage identities and access efficiently and cost-effectively.

Here’s a look at the difficulties posed by a diverse user population accessing SaaS applications from multiple endpoints, as well as some advice from EMA for managing identities successfully in this environment.

Devices: Respondents Use a “Dizzying Array” of Devices to Access Business Resources

Users surveyed by EMA report using a variety of endpoint devices—desktops, laptops, smartphones and tablets—to access applications and other resources. This range of devices (and endpoint architectures associated with them) suggests the need for a unique identity and access management service for each application accessed from each one, but the number of administrators you’d need makes the idea impractical.

EMA’s recommendation: A consolidated solution for identity and access management that works regardless of the endpoint type, and regardless of whether it’s user-owned.

Places: Users Access Applications Remotely More Than a Third of the Time

On average, users surveyed access business applications and data from somewhere other than the office 36% of the time. That means they’re operating outside a controlled business-network environment, which in turn means effective identity and access management is especially important. Administrators need a solution that provides assurance that those who want access have proper rights. Otherwise, anyone who manages to get hold of a user’s device could potentially gain access to all the IT resources that user accesses.

EMA’s recommendation: A comprehensive identity and access management solution that can serve as a secure “front door” to stop unauthorized access to everything of value beyond it.

Applications: 82 Percent of Organizations Have Adopted SaaS and Other Hosted Applications

The multi-device, remote-access challenges above are compounded by the fact that 82 percent of organizations rely on publicly hosted services: public clouds, public app stores and, topping the list, software as a service (SaaS) platforms.

EMA’s recommendation: Multi-factor authentication to provide additional layers of protection without compromising user productivity, coupled with policy-based access management and context-aware access permissions.

The challenges are formidable, but there are ways to get ahead of them—although today’s busier-than-ever identity managers may find it tough to take the time to start taking action. But it’s by making time to move ahead with the recommendations here that they will ultimately win more time back in the long run. See how one organization did it successfully by taking a look at the case study in the report.

I hope you’ll carve out some time to check out the detailed findings and the case study, and to watch the video Evolving Requirements for Identity and Access Management, which includes an insightful conversation about the report between Steve Brasen, Managing Research Director for EMA, and Angel Grant, Director of RSA Identity and RSA Fraud and Risk Intelligence.