The Changing Landscape of Enterprise Identity Management
The natural world is full of species that evolve not only to survive, but to flourish. Sea slugs steal DNA from the algae they eat so they can survive for days on sunshine alone, while in a more worrying trend, bacteria are evolving to outsmart the antibiotics we use to defend our health.
As the enterprise cybersecurity landscape changes thanks to evolving technology, organisations must take a page from nature’s manual, and learn how to not only adapt and survive, but thrive. Enterprise users have access to thousands of applications and resources, with many users regularly accessing at least 9 apps simultaneously every day. Provisioning complex levels of access manually is an almost impossible task.
To address this, enterprises are increasingly utilising centralised solutions that automate identity management. However, as each enterprise has unique characteristics, its identity management requirements also differ depending on their industry, how its employees work, and the systems they rely on to operate. In other words, the best solution is always customised for your specific enterprise.
The challenges of remote work for identity management
It’s no surprise that remote work is changing the face of data security and rapidly increasing the need for enterprise identity management. For multinational companies, the shifting workforce brings even more complex challenges. For example, the Norwegian Refugee Council (NRC) delivers aid to displaced people worldwide through a network of 7,000 humanitarian workers and 10,000 employees. The scattered nature of this workforce makes it difficult to provide standard and IT communications, while governments often ban VPNs and censor internet usage during times of conflict, which makes providing standard experiences for all employees and workers a challenge.
These difficulties would not have existed before remote work became a possibility, and overcoming them meant modern solutions. As such, the NRC deployed multi-factor authentication (MFA) and single sign-on (SSO). Field workers can use a single password to easily and securely access all core applications, while MFA eliminated the need for a VPN, saving 2,000 hours in IT maintenance.
Scaling needs to be considered from the top
Identity management used to be a question of on-prem or cloud solutions, but today there are several modern options for identity access control, including role-based and attribute-based controls. Knowing which one to use is a question of understanding how the landscape is changing and where your enterprise fits in.
Companies that are considering building up an enterprise identity management system should consider the size of their business. For small- and medium-sized companies, role-based systems are best suited. They allow for preprogrammed roles with automatic provisioning and deprovisioning because each new role must be manually built, this isn’t the best solution for large businesses, who may have hundreds of different employees, vendors, and contractors they have to build roles for. In that case, attribute-based systems are much better suited. They require more resources to build upfront but continue to naturally scale as the company grows.
Legacy infrastructure must be taken into account
Enterprise identity management enables IT teams to transform and innovate, driving both growth and revenue. But when a business has been around for decades or even centuries, change becomes trickier. Thanks to hybrid cloud models, it’s no longer a question of legacy or cloud. A good example of this is Hitachi, which has been on a mission to solve society’s biggest challenges for more than a century. Hitachi needed to modernise without disrupting its legacy systems, enabling it to onboard new applications, customers, and employees more rapidly.
A hybrid cloud model with SSO allows the company to access legacy infrastructure downstream of the dashboard, with a single integration point to ensure logins are secure and protected.
Evolving enterprise identity management
Ideally, no company has to draw sustenance from lichen, but like the sea slugs, it’s up to enterprises to adapt to new challenges and build new technologies in front at the ground level. Modernising identity processes simplifies users’ access to applications, makes life easier for IT teams, and lowers the risk of security breaches by ensuring only the right people and devices have access to the resources they need.