{"id":615963,"date":"2023-03-09T08:49:14","date_gmt":"2023-03-09T14:49:14","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/03\/09\/access-management-must-get-stronger-in-a-zero-trust-world\/"},"modified":"2023-03-09T08:49:14","modified_gmt":"2023-03-09T14:49:14","slug":"access-management-must-get-stronger-in-a-zero-trust-world","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/03\/09\/access-management-must-get-stronger-in-a-zero-trust-world\/","title":{"rendered":"Access management must get stronger in a zero-trust world"},"content":{"rendered":"
\n
\n

\n

\"Zero<\/p>\n

\n

Image Credit: Getty Images<\/em><\/p>\n<\/div><\/div>\n<\/p><\/div>\n

\n
\n
\n

Access management (AM) done right is the fuel for successful digital transformation. Identities and AM are core to earning customers\u2019 trust \u2014 a must for digital-first initiatives to get a strong start and deliver revenue.<\/p>\n

AM and identities must be granular, role-based and as just-in-time as possible. Enterprises achieving that today are seeing zero-trust<\/a> security frameworks becoming instrumental in digitally-driven revenue growth.\u00a0<\/p>\n

CISOs tell VentureBeat their cybersecurity<\/a> budgets are linked more closely than ever to protecting digital transformation revenue gains. And they see working to grow digital-first revenue channels as a career growth opportunity<\/a>.<\/p>\n

Security and risk management professionals must turn AM into cybersecurity strength, and show that zero-trust frameworks are adaptive and flexible in protecting new digital customer identities. Zero trust<\/a>\u00a0contributes to securing every identity and validating that everyone using a system is who they say they are.\u00a0Earning and growing customer trust in a zero-trust world starts with a strong AM strategy that scales as a business grows.\u00a0<\/p>\n

Authorization, adaptive access and getting directory and identity synchronization right also become significant challenges as an organization gets larger.<\/p>\n

Securing identities is core to digital transformation\u00a0<\/strong><\/h2>\n

\u201cAdding security should be a business enabler. It should be something that adds to your business resiliency, and it should be something that helps protect the productivity gains of digital transformation,\u201d said George Kurtz, cofounder and CEO of\u00a0CrowdStrike<\/a>,<\/a> during his company\u2019s annual event last year<\/a>. Boards of directors and the CEOs who report to them are starting to look at zero trust not purely as a risk-reduction strategy.<\/p>\n

CIOs and CISOs tell VentureBeat that they are now including zero trust in the first phases of digital transformation projects. And getting AM right is essential for delivering excellent customer experiences that scale safely in a zero-trust world.\u00a0<\/p>\n

\u201cWhile CISOs need to continue working on translating technology and technical risk into business risk and \u2026 better deliver that risk story to their board, on the other side of the aisle, we need the board to be able to understand the true implication of cyber risk on the ultimate shareholder value and business goals,\u201d said Lucia Milica, global <\/a>resident<\/a> CISO at Proofpoint<\/a>.<\/p>\n

Excel at protecting identities to make your brand more trusted\u00a0<\/strong><\/h2>\n

It doesn\u2019t take much to lose a customer\u2019s trust forever. One thing most can\u2019t look past is being personally victimized by having their identities compromised during a breach. Sixty<\/a>-nine percent<\/a> will stop buying from brands that use their data without permission. Sixty-<\/a>eight<\/a> percent<\/a> leave if their data-handling preferences are violated, and 66<\/a>%<\/a> leave a brand forever if a breach puts their identity data at risk. Gen Z is by far the least forgiving of all customer segments, with 60<\/a>%<\/a> saying they\u2019ll never buy again from a brand that breaches their trust. Over time, it takes a series of consistent experiences to earn customers\u2019 trust, and just one breach to lose it.\u00a0<\/p>\n

Joe Burton, CEO of identity verification company Telesign<\/a>, has a customer-centric perspective on how access management must be strengthened in a zero-trust environment. In a recent interview, Burton told VentureBeat<\/a> that while his company\u2019s customers\u2019 experiences vary significantly depending on their digital transformation goals, it is essential to design cybersecurity\u00a0and zero trust into their workflows.<\/p>\n

Enza Iannopollo, principal analyst at Forrester, told VentureBeat that privacy and trust have never depended more on each other, reinforcing the importance of getting AM right in a zero-trust world. As Iannopollo wrote in a recent blog <\/a>post<\/a>, \u201cCompanies understand that trust will be critical in the next 12 months\u00a0\u2014<\/strong>\u00a0and more so than ever. Companies must develop a deliberate strategy to ensure they gain and safeguard trust with their customers, employees and partners.\u201d<\/p>\n

How access management needs to become stronger\u00a0<\/strong><\/h2>\n

For 64% of <\/a>enterprises<\/a>, digital transformation is essential for survival. And one in five (<\/a>21<\/a>%)<\/a> say embedding digital technologies into their current business model is necessary if they are to stay in business.\u00a0<\/p>\n

It\u2019s innovate-or-die time for businesses that rely on digitally driven revenue. Nine out of 10 enterprises believe their business models must evolve faster than they are evolving today, and just<\/a> <\/a>11%<\/a> believe their models are economically viable through 2023.<\/p>\n

With the economic viability of many businesses on the line even before the economy\u2019s unpredictable turbulence is factored in, it\u2019s encouraging to see boards of directors looking at how they can make zero-trust security frameworks stronger, starting with identity. Credit CISOs when they educate their boards that cybersecurity is a business decision because it touches every aspect of a business today.<\/p>\n

Gartner provides a helpful <\/a>framework<\/a> for taking a comprehensive, strategic view of the broad scope of identity access management (IAM)<\/a> in large-scale enterprises. One of its most valuable aspects is its graphical representation that explains how IAM-adjacent technologies are related to four core areas. Gartner writes in the Gartner IAM Leaders\u2019 <\/a>Guide<\/a> to Access Management<\/a> (provided courtesy of Ping<\/a> Identity<\/a>) that \u201cthe bigger picture of an IAM program scope includes four main functional areas: Administration, authorization, assurance, and analytics. The AM discipline provides authorization, assurance, analytics, and administrative capabilities. It is responsible for establishing and coordinating runtime access decisions on target applications and services.\u201d<\/p>\n

Gartner\u2019s structural diagram is helpful for enterprises that need to sync their zero-trust frameworks, zero-trust network access (ZTNA) infrastructure and tech stack decisions with their organization\u2019s digital transformation initiatives.<\/p>\n

\"AM
Strengthening AM in a zero-trust world to protect new digitally driven revenue is a multifaceted challenge that will take a unique form in every enterprise. Source: Optimal IdM blog post<\/a>,<\/a> IAM Leader\u2019s <\/a>Guide<\/a> to Access Management<\/a><\/figcaption><\/figure>\n

CISOs tell VentureBeat that AM and its core components, including multi-factor authentication (MFA)<\/a>, identity and access management (IAM) and privileged access management, are quick zero-trust wins<\/a> when implemented well. The key to strengthening AM in a zero-trust world is tailoring each of the following areas to best reduce the threat surfaces of an enterprise\u2019s core business model.\u00a0<\/p>\n

Strengthen user authentication to be continuous<\/strong><\/h3>\n

MFA and single sign-on (SSO) are the two most popular forms of identity management and authentication, dominating the SaaS application and platform landscape. CISOs tell VentureBeat MFA is a quick win on zero-trust roadmaps, as they can point to measurable results to defend budgets.<\/p>\n

Making sure MFA and SSO techniques are designed into workflows for minimal disruption to workers\u2019 productivity<\/a> is critical. The most effective implementations combine what-you-know (password or PIN code) authentication routines with what-you-are (biometric), what-you-do (behavioral biometric) or what-you-have (token) factors. MFA and SSO are the baselines that every CISO VentureBeat interviewed about their zero-trust initiatives is aiming at today \u2014 or has already accomplished.\u00a0<\/p>\n

A crucial part of strengthening user authentication is auditing and tracking every access permission and set of credentials. Every enterprise is dealing with increased threats from outside network traffic, necessitating better continuous authentication, a core tenet of zero trust. ZTNA frameworks are being augmented with IAM and AM systems that can verify every user\u2019s identity as they access any resource, and alert teams to revoke access if suspicious activity is detected.<\/p>\n

Capitalize on improved CIEM<\/strong> from PAM platform vendors<\/h3>\n

PAM platform providers must deliver a platform capable of discovering privileged access accounts across multiple systems and applications in a corporate infrastructure. Other must-haves are credential management for privileged accounts, credential valuation and control of access to each account, session management, monitoring and recording. Those factors are table stakes for a cloud-based PAM platform that will strengthen AM in a ZTNA framework.<\/p>\n

Cloud-based PAM platform vendors are also stepping up their support for cloud infrastructure entitlement management (CIEM). Security teams and the CISOs running them can get CIEM bundling included on a cloud PAM renewal by negotiating a multiyear license, VentureBeat has learned. The PAM market is projected to grow at a compound annual growth rate of 10.7% from 2020 to 2024, reaching a market value of $2.9 <\/a>billion<\/a>.<\/p>\n

\u201cInsurance underwriters look for PAM controls when pricing cyber policies. They look for ways the organization is discovering and securely managing privileged credentials, how they are monitoring privileged accounts, and the means they have to isolate and audit privileged sessions,\u201d writes Larry <\/a>Chinksi<\/a> in CPO Magazine.<\/p>\n

Scott Fanning, senior director of product management, cloud security at CrowdStrike, told VentureBeat that the company\u2019s approach to CIEM provides enterprises with the insights they need to prevent identity-based threats from turning into breaches because of improperly configured cloud entitlements across public cloud service providers.<\/p>\n

Scott told VentureBeat that the most important design goals are to enforce least privileged access to clouds and provide continuous detection and remediation of identity threats. \u201cWe\u2019re having more discussions about identity governance and identity deployment in boardrooms,\u201d Scott said.<\/p>\n

\"CrowdStrike's
CrowdStrike\u2019s CIEM dashboard delivers insights into which indicators of attack (IoAs) are trending, alerts about policy violations, and configuration assessments by policy for identities, lateral movement and least privileged violations to the credential policy level. Source: CrowdStrike<\/a><\/figcaption><\/figure>\n

Strengthen unified endpoint management (UEM) with a consolidation strategy<\/strong><\/h3>\n

IT and cybersecurity teams are leaning on their UEM vendors to improve integration between endpoint security, endpoint protection platforms, analytics, and UEM platforms. Leading UEM vendors, including IBM<\/a>, Ivanti<\/a>, ManageEngine<\/a>, Matrix42<\/a>, Microsoft<\/a> and VMWare<\/a>, have made product, service and selling improvements in response to CISOs\u2019 requests for a more streamlined, consolidated tech stack.<\/p>\n

Of the many vendors competing, I<\/strong>BM, Ivanti and VMWare lead the UEM market with improvements in intelligence and automation over the last year. Gartner, in its latest Magic <\/a>Quadrant<\/a> for UEM Tools<\/a>, found that \u201csecurity intelligence and automation remains a strength as IBM continues to build upon rich integration with QRadar<\/a> and other identity and security tools to adjust policies to reduce risk dynamically. In addition, recent development extends beyond security use cases into endpoint analytics and automation to improve DEX.\u201d<\/p>\n

Gartner praised Ivanti\u2019s UEM solution: \u201cIvanti<\/a> Neurons for Uni\ufb01ed Endpoint <\/a>Management<\/a> is the only solution in this research that provides active and passive discovery of all devices on the network, using multiple advanced techniques to uncover and inventory unmanaged devices. It also applies machine learning (ML)<\/a> to the collected data and produces actionable insights that can inform or be used to automate the remediation of anomalies.\u201d<\/p>\n

Gartner continued, \u201cIvanti continues to add intelligence and automation to improve discovery, automation, self-healing, patching, zero-trust security, and DEX via the Ivanti Neurons platform. Ivanti Neurons also bolsters integration with IT service, asset, and cost management tools.\u201d<\/p>\n

What\u2019s on CISOs\u2019 IAM roadmaps for 2023 and beyond\u00a0<\/strong><\/h2>\n

Internal and external use cases are creating a more complex threatscape for CISOs to manage in 2023 and beyond. Their roadmaps reflect the challenges of managing multiple priorities on tech stacks they are trying to consolidate to gain speed, scale and improved visibility.<\/p>\n

The roadmaps VentureBeat has seen (on condition of anonymity) are tailored to the distinct challenges of the financial services, insurance and manufacturing industries. But they share a few common components. One is the goal of achieving continuous authentication as quickly as possible. Second, credential hygiene and rotation policies are standard across industries and dominate AM roadmaps today. Third, every CISO, regardless of industry, is tightening which apps users can load independently, opting for only an approved list of verified apps and publishers.<\/p>\n

The most challenging internal use cases are authorization and adaptive access at scale; rolling out advanced user authentication methods corporate-wide; and doing a more thorough job of handling standard and nonstandard application enablement.<\/p>\n

External use cases on nearly all AM roadmaps for 2023 to 2025 include improving user self-service capabilities, bring-your-own-identity (BYOI), and nonstandard application enablement.<\/p>\n

The greater the number of constituencies or groups a CISOs\u2019 team has to serve, the more critical these areas of AM become. CISOs tell VentureBeat that administering internal and external identities is core to handling multiple types of users inside and outside their organizations.<\/p>\n

VentureBeat’s mission<\/strong> is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.<\/a><\/p>\n<\/p><\/div>\n<\/p><\/div>\n

Read More<\/a>
\n Louis Columbus<\/p>\n","protected":false},"excerpt":{"rendered":"

March 8, 2023 10:18 AM Image Credit: Getty Images Access management (AM) done right is the fuel for successful digital transformation. Identities and AM are core to earning customers\u2019 trust \u2014 a must for digital-first initiatives to get a strong start and deliver revenue. AM and identities must be granular, role-based and as just-in-time as<\/p>\n","protected":false},"author":1,"featured_media":615964,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4397,1913,46],"tags":[],"class_list":{"0":"post-615963","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-access","8":"category-management","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/615963","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=615963"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/615963\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/615964"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=615963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=615963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=615963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}