• United States



3 Access Blind Spots That Can Put You at Risk

Nov 06, 20173 mins
Identity Management SolutionsSecurity

Are access “blind spots” making it hard to protect against threats in your access environment? Melanie Sommer shines a light on these problem areas and shows you how to improve visibility.

rsa bp article 13 istock 503920898 copy
Credit: iStock

With more applications moving to the cloud and more users on the move, it’s becoming increasingly hard to see where inappropriate access may be a threat to your organization. If you want to keep from being blindsided, you need to know what to look for.

3 Access Blind Spots: You Can’t Manage What You Can’t See

1.       The disrupted perimeter: Cloud, mobile and IoT are opening up so many new points of access to resources, the network perimeter you’ve come to rely on to keep threats out no longer provides an effective defense.

2.       Islands of identity: All those SaaS apps your users depend on daily are islands of identity information unto themselves. Without clear visibility across them, trying to manage access is like driving blind.

3.       Dynamic user population: Today, partners, contractors and vendors are all as likely to need resources as employees. But they all warrant different levels of access—and that makes it hard to manage.

The good news: you can eliminate these blind spots. With an innovative approach to authentication that focuses on identity assurance, security teams can regain visibility into the access environment—picking up on threats wherever they occur and responding instantly.

Identity Assurance: Seeing Users for Who They Are                                                   

When security teams begin to focus on identity assurance, they can eliminate the blind spots that put your business at risk for identity-based attacks. Identity assurance balances the risk associated with a user’s access actions against the assurance that they are in fact who they say they are. This makes it possible to reassert control over the perimeter, regain visibility across islands of identity and keep up with a growing, changing population of users.

Eliminating access blind spots requires an intelligence-driven identity assurance solution that integrates risk analytics, machine learning and other advanced capabilities to make informed assessments about who’s requesting access and whether the request is legitimate. When the situation warrants it, the solution should have the capability to trigger additional controls to step up authentication before granting access. The ideal solution also needs to centralize control and visibility into resources, whether they’re on-premises or in the cloud.

At the same time, any identity solution you choose should make it easy for users to request access. That way, they won’t feel compelled to circumvent policy or take other access shortcuts that create identity risks. When you’ve properly integrated identity risk analytics and contextual data automatically into the authentication process, identity assurance makes access seamless to the users without sacrificing any of the security and control required.

For added user convenient and easy access, look for flexible authentication options, too. With users accessing resources from so many devices (both personal and company owned) and from so many places (at home, in the office, on the road and in the sky), you need a variety of different choices (mobile authentication, hardware and software tokens, biometrics, SMS, voice and more).

Download RSA’s eBook “Eliminating Access Blind Spots in Today’s Modern Enterprise” to learn more about these obstacles to managing identity risk, how identity assurance can help you address them, and the six specific criteria for a solution that helps achieve that assurance.

melanie _sommer

Melanie brings nearly 20 years of experience in the technology industry with a focus on security, data protection and identity management. Today, she leads the global marketing efforts for RSA’s identity management products. Prior to joining RSA, Melanie held leadership positions in both early-stage technology start-ups and some of the world’s largest technology companies, including Dell EMC, Motorola, IBM/Tivoli, Sun Microsystems, and Compaq Computer.

More from this author