Security for Digital Business Begins with Identity
In recent years, most enterprises became quite skilled at protecting their perimeters. An environment consisting of approved devices and a controlled population of legacy applications became relatively easy to secure. User names and passwords worked well for most organizations. Additional security could be achieved with hardware tokens, grid cards and other authenticators. A variety of security monitoring tools were also used to gain visibility to networks and identify potential breaches or other security incidents.
Digital business, however, poses an entirely new security challenge. Mobile employees require anywhere-anytime access. The range of devices and the number of apps being used seems to grow every day. And customers, partners and suppliers all need direct access to your ecosystems if digital business is going to succeed. Simply scaling up legacy security systems and processes will not work. And relying on monitoring tools or processes will not be sufficient for preventing breaches — even if you know precisely when they happen, you’ll probably be too late to stop them.
What will work is an identity-based approach. Every user, device and application on your network is issued an identity. These identities are used to securely manage all of your critical use cases — including remote access, transaction signing, network authentication, device authentication and secure communications. If and when you begin deploying IOT strategies, this approach becomes even more critical. Control of devices, access to data and authentication of command and control cannot be based on user names and passwords. It will require identity-based security for device authentication and authorization, as well as protection for data at rest, in use and in transit.
The key to issuing and managing these user, device and app identities is PKI. Whether you choose an agile cloud-based managed service or a highly secure on-premise solution, you will be able to issue and manage all of your identities from a single point of control. This approach allows you to connect customers and partners to your ecosystems and accomplish big things — such as accelerating innovation processes, capturing real-time customer insights, dramatically increasing speed to market and creating entirely new products and services.