Cloud computing and the massive momentum behind the BYOD trend are leading to a fundamental shift in the way security is deployed. It is simply too difficult to secure each device on a network, as legacy and cloud architectures unite and IT topologies become increasingly complex. New research suggests that identity-based security measures best meet the needs of the evolving network.
A new report from Gigaom Research shows that while there are a growing number of companies playing in the identity and access management (IAM) space, the migration toward these types of solutions can be complex. Retrofitting today’s IAM solutions to work with legacy networks and traditional enterprise architectures can be a challenge, and having a consistent security approach both on premises and in the cloud is crucial.
IAM solutions, and the service providers and administrators who deploy them, need to be able to tackle a number of challenges. These solutions must be able to secure existing, on-premises infrastructure as well as cloud services and solutions. And security must be consistently deployed and managed from the enterprise all the way through to the cloud. Traditional infrastructure must be taken into account and secured before cloud migration begins, to ensure a smooth and safe transition. That’s a pretty tall order for any IAM provider, but a critical one nonetheless.
Ultimately, those enterprises that adopt mature IAM solutions can reduce their overall identity management costs while becoming more agile in supporting new business initiatives, like migrating to the cloud. And using IAM for cloud application deployment is a logical step for these enterprises, as they update their security approaches and technologies during public cloud migration.
Centralized identity management using mature IAM solutions lets companies quickly add identities for those resources and devices that fall outside of direct enterprise control, an essential capability in today’s BYOD climate. And identity management solutions help ensure these resources possess proper and valid credentials before granting them access to sensitive corporate data.
Edited by Rory J. Thompson