Why do we need access management?

Last updated: 07 June 2017

2016 was a big year for data breaches, hitting an all-time high.  According to the Identity Theft Resource Center, 1,093 breaches occurred in 2016, which is an astounding 40% increase from 2015.  Data breaches happen every day and Cybercriminals are getting smarter and faster. This makes the job of keeping your employees and your data safe an ever increasingly difficult challenge for enterprise IT.

We all know employees are not always as concerned about security and are often not vigilant when it comes to keeping an eye out for suspicious activity online.  Your typical employee is much more interested with convenience.  With the use of cloud applications becoming widespread, the need for IT to secure internal resources is more critical than ever.  This is where Access Management can help.

What is Access Management?
Access Management is a functionality that continuously verifies whether a user has permission to log in to a certain resource, e.g. a cloud application, and enforces the appropriate access policy for each login attempt.

Gateway to the enterprise, then and now
In the old days the VPN (Virtual Private Network) was the designated gateway for all enterprise applications, but now users need to access several cloud apps routinely. This affects both users forced to memorize many credentials and IT teams in charge of the maintenance of these specific credentials.

SSO (Single Sign On) offers a partial solution that addresses this challenge by giving one credential to all cloud applications, providing users easy login and IT teams easy credentials reset. SSO is liked for of its ease of use and convenience.  However, it may also be risky since if the credentials of a user are compromised, than all apps could be vulnerable. Additionally, SSO doesn’t provide all the information that IT needs on who is accessing which app, with what credential and when.

Access Management addresses these challenges because it continuously re-authenticates the user based on the access policy that has been defined.  Access Management consists of three components:

  1. Identity verification – Who is trying to log in?
  2. SSO – Single Sign On – One single credential for accessing all the apps at once
  3. Access policy enforcement – What level of authentication is needed? Which group will access the resources?

An Access Management Solution is beneficial both for users who get the convenience of an SSO experience and IT teams who are tasked with protecting access to cloud apps.

Learn how access management solves enterprise access issues, check out our Cloud Access Management Infographic.

 

Leave a Reply

Your email address will not be published. Required fields are marked *