Everybody knows that the IT perimeter has been permanently warped by cloud-based resources, the consumerization of IT and the ever-agile work day. Information technology and information security decision makers are grappling with the tight-rope act of balancing the security of their organization’s data with their stakeholder’s usability expectations. Happily, the pervading need to bridge the identity-mobility-access gap has given rise to innovative identity and access management (IAM) solutions, of which this blog series provides an overview.
Enterprise mobility is a term that describes three main trends: First is the increasing number of employees working out of the office, for example when travelling for work, or when continuing to work from home. Second, is the use of cloud-based applications for work purposes, examples include Office 365, Amazon Web Services and DropBox among hundreds of other applications. And third is the increasing use of mobile devices for work purposes, including smartphones, tablets).
The Current Enterprise Mobility Landscape
More and more organizations are enabling mobility for a number of reasons, including increased productivity when working off-premises, for example during business trips to sales meetings, conferences and tradeshows, as well as the need to accommodate international work hours—especially for multi-national organizations where employees may need to take calls from home during non-standard working hours due to global time differences.
The increasing demand for employee mobility is affecting not only hi-tech companies, who are usually early adopters of new technologies and work trends, but rather it is also affecting traditionally conservative sectors, such as government, financial services, utilities and healthcare.
While globalization has led to a greater need for enterprise mobility, virtualization, cloud-based software delivery and the consumerization of IT have been providing employees and organizations the means to remain productive and connected while not physically present in the office.
IT Perimeter Gone Fuzzy
The simple, traditional corporate IT perimeter of yesteryear is gone—an IT perimeter which consisted of a single desktop connecting to a single corporate network through a single firewall, and employees connecting to any productivity application within that firewall. Completely warped by today’s IT ecosystem, the new IT perimeter is much more amorphous—it is often accessed remotely through a virtual private network (VPN), contains cloud (SaaS) applications hosted and managed outside of the organization, and today’s IT perimeter can be accessed from numerous mobile devices, such as smartphones and laptops.
To address the security concerns related to employees accessing corporate networks and applications remotely (outside the office), regulatory mandates have been created to ensure that organizations are using appropriate measures, such as strong multi-factor authentication, to secure sensitive resources, such as consumer payment information, intellectual property and healthcare patient data.
Mandates Addressing Secure Remote Access
Regulatory mandates that specifically require multi-factor authentication for securing remote access to corporate networks include Public Services Network (PSN) in the UK, PCI DSS v3.2 implemented by financial services worldwide, NERC-CIP in the USA, which is the North American Electric Reliability Corporation critical infrastructure protection regulation, and eIDAS in the European Union, which provides a framework for cross-border electronic identification and transactions across EU member countries. Clearly, authorities across verticals are realizing that remote access and enterprise mobility are being embraced by everyone.
A Competitive Edge for Recruiters
According to a Cisco report, roughly two thirds (2/3) of Gen X, Gen Y (Millennials) and Human Resources (HR) professionals believe that an organization that has adopted a flexible, mobile and remote work model has a competitive advantage over one that requires employees to be in the office from 9am to 5pm every weekday. Similarly, a survey conducted by Gallup found that employees working outside of the office up to one-fifth (20%) of the time are reported to be ‘more engaged.’
For the latest trends in mobility and access management, visit our Authentication and Identity Management Index website, and discover upcoming IAM trends in our on-demand webinar “What’s Next in Securing Identities? Key Identity & Access Management Trends.”
Join us next time for a look at IAM Trends: Enterprise Mobile Security Concerns (Part 2).