Cloud Security: 3 Identity and Access Management Musts

Thanks to the cloud, you’re just a few mouse-clicks away from new capabilities, capacity and storage that once required a hefty budget and a ton of development and deployment time. But what about security concerns that come with the cloud? How will you manage access to data and applications you don’t control directly? Here’s advice for reaping the benefits of the cloud without increasing your identity risk.

1. Move at Your Pace

Organizations have been moving to the cloud in droves in recent years. According to cloud platform provider RightScale, public cloud adoption reached 92 percent in 2018. And IDC analysts concluded in their annual list of cloud predictions that most businesses now have a “cloud first” strategy for IT.

But “cloud first” doesn’t necessarily mean “cloud only.” Chances are you still have plenty of on-premises applications even as you make the transition to the cloud. It may make sense to move some applications to the cloud quickly, because it’s easy and will reduce costs. But there will also be areas where it may be better to keep certain resources on-premises, at least for now.

What you need are authentication and access tools that span legacy and cloud-based applications. If it’s possible to extend your current multi-factor authentication (MFA) solution to the cloud, you can make the most of your existing technology investment and enjoy a smoother transition to the cloud.

2. Bridge Your Islands of Identity

One of the consequences of moving resources to the cloud is you create more “islands of identity” that each have their own access credentials and policies. The more resources in the cloud and the more providers delivering them to you, the more isolated islands to manage. The lack of visibility and control makes it harder to secure access to those resources, potentially increasing your organization’s risk.

Having a single identity and access management platform can help bridge these islands of identity. Look for technology that’s compatible with a variety of authentication protocols, works across legacy and cloud applications, and provides a unified view of access across all your applications and data.

3. Make Security Seamless

As you move to the cloud, you want to ensure the same level of secure access you already have for legacy on-premises applications—but you also want to ensure a high level of convenience for users.  After all, one of the reasons for moving to the cloud to begin with is to give users quick, easy access to the resources they need, wherever and whenever they need it.

Choose a solution with multi-factor authentication that provides the highest level of identity assurance with the least amount of end-user friction. That means matching the level of authentication required to the level of risk a user poses. It also means providing flexible options for users (including modern multi-factor authentication methods, i.e., push authentication, biometrics, etc.), along with the ability to provide a consistent login experience across all their applications.

Learn more about identity and the cloud in the on-demand RSA webinar Modernizing Authentication in and for the Cloud.