How enterprise security transformed in 2017 and what comes next in 2018

Enterprise security is always evolving, not by choice but because organizations are constantly facing new security threats. As 2018 fast approaches, let’s take a quick look back at how enterprise security evolved in 2017 and what we expect to see shake things up in 2018.

A year of transformation

2017 was a transformative year for enterprise security. We saw many organizations continue to adopt big data environments to store the enormous amount of data that they have collected; and in doing so, have been confronted with a new set of security challenges. One of these challenges is to strike the right balance between monetizing strategic data assets, while protecting personal privacy interests.

We also saw organizations take a microservices approach to breaking down large monolithic applications. With a microservices architecture, the functions of an application are built as discrete components that communicate with each other via APIs. This approach allows organizations to have a faster, almost continuous development and deployment cycle. But building many microservices components could mean that you also need to enhance your strategy for securing access to the individual components.

However, the biggest trend we saw in 2017 was digital transformation – which I’m defining as, technology deployments that address the initiatives that are critical to digital business – often this means modernization or implementing a whole new way of interacting with customers, partners and employees to improve their experience. It also applies to technology shifts, as we saw the move to the cloud really take off – as infrastructure moves, security is big consideration to secure all aspects of the cloud – from the applications that are running in the cloud, to the data being stored there, and the security of access to make changes within the cloud infrastructure.

These trends will continue to play a role in enterprise security in 2018, and we see several new areas emerging.

DevSecOps

IT has historically operated separately from business units in the enterprise. Breaking down organizational silos has been a challenge for IT leaders that are seeking better ways to support business initiatives. DevSecOps (development, security and operations) has emerged as a new way for cross-functional teams to work together. The devops approach is about bringing new application services to production faster than legacy approaches. Security plays a role in ensuring that continuous delivery practices also embrace good security practices. Secure access control mechanisms like attribute-based access control (ABAC) can also be automated within DevSecOps processes to secure access to APIs, microservices, big data, etc.

Securely sharing big data

As the data deluge continues and more organizations continue to adopt big data systems, it is crucial to protect personally identifiable information (PII), other regulated data, and intellectual property while also being able to securely share information. Organizations are shifting to a policy-based approach for access control, to securely share information between departments, partners and with customers and ensure that only those who are authorized to see sensitive information can.

Advanced monitoring and reporting

Increasingly, organizations are looking to implement advanced monitoring and reporting to help identify internal security threats and find culprits within an enterprise. By using data analytics, machine learning and artificial intelligence (AI), organizations can identify anomalies that would otherwise go unnoticed by humans. When attribute-based access control is deployed enterprise-wide, a wealth of activity log data on authorization requests can also be used to enhance reporting and monitoring systems.

The journey toward securing the cloud

The move to the cloud has been underway for quite some time with many organizations now adopting a “cloud-first” approach. Enterprises are moving their entire infrastructure to the cloud, which means a need for cloud-native security products and capabilities. A vital security layer is access control to cloud hosted data and other business resources, preferably using an ABAC model. ABAC systems run in the cloud, are used to securing cloud assets, and can be operated as a service – giving maximum flexibility to cloud-first enterprises.

Regulatory compliance

Regulatory compliance was a challenge within the security industry in 2017 and with GDPR around the corner, compliance will be even more of a challenge in 2018. ABAC can help meet and manage the new regulations by providing centralization of access control, efficient change management and enforcement of privacy preferences across the enterprise.

Customer identity and access management (CIAM)

Many organizations are focusing on a great customer experience to set themselves apart from their competition, but a data breach can immediately destroy the customer experience and a company’s reputation. CIAM is about striking a balance between customer experience and security, and does not require organizations to sacrifice one for the other. CIAM allows organizations to securely capture and manage the customer identity data while profiling data and controlling customer access to applications and services. This delivers an impeccable customer experience while minimizing the chance of a security breach.

Role based to attribute based (RBAC to ABAC)

Role-based access control (RBAC) has served as the standard to manage access control for decades. However, as business applications have become more complex and collaboration across a wide range of users is now required, RBAC has given way to attribute-based access control (ABAC) as the preferred industry standard. ABAC provides the most flexible, dynamic and comprehensive authorization model, which meets the demands of modern enterprises.

Modern technologies are going to continue to bring threats to organizations across every vertical. As more data continues be generated, it becomes increasingly difficult to securely share. As more organizations shift their infrastructure to the cloud, more organizations need cloud native security products. In the digital age an ABAC model should be every organizations’ first line of defense. ABAC can help prevent insider threats, scale to meet regulation standards and help organizations securely share information.