Securing Identity - The new perimeter of enterprise

Indian organizations face rising cyber threats, necessitating an identity-centric security approach. Discover how an identity fabric and IDoT enhance IAM, safeguard machine identities, and secure IoT in multi-cloud environments.

PCQ Bureau

Indian organizations face over 2,800 incidents weekly, making them prime targets. New research shows 93 percent of organisations faced at least two identity-related breaches in 2023. Rapid adoption of cloud and AI is increasing the number of human and machine identities, potentially tripling it in 2024. Machine identities are vulnerable due to unmanaged access to sensitive data. Other issues include disparate identity management solutions across multi-cloud environments; legacy system complexity and identity silos; and lack of real-time visibility into user activity.

Traditional security models fall short, necessitating a comprehensive, proactive, identity-centric approach to protect vulnerable attack surfaces. This involves a comprehensive Identity & Access Management (IAM) strategy that manages all identities with consistent policies and tools, providing holistic visibility into who has access to enterprise resources.

Secure identity first with an identity fabric

An identity-centric approach secures user identity using identity-based access control and authentication to prevent misuse of enterprise systems. This involves securely establishing, verifying, and granting appropriate permissions for digital access. A paradigm shift is needed to secure every identity, human or non-human, with intelligent access controls. As AI becomes mainstream, identity security controls must reduce friction with business processes and amplify productivity, efficiency and innovation.

Experts believe that, to achieve identity-centric security, enterprises must evolve their IAM infrastructure into an identity fabric: a system of systems comprising various IAM tools that enable adaptive, consistent, and risk-aware access control for any user, human or machine. Supporting advanced analytics and quick integration across hybrid and multi-cloud, the identity fabric addresses many identity management challenges. Contrary to vendor claims, an identity fabric is not an off-the-shelf packaged solution, but a gradual, unique process for each organisation. It evolves traditional identity and access management by improving it in the following ways:

Lowers complexity: With conventional IAM, organisations struggle to consistently manage and govern multiple identity solutions spread across cloud and on-premise environments. The identity fabric unifies disparate identity solutions, allowing for easier and cost-effective administration. It enables centralized control of authorization and other identity management functions, applied in a decentralized manner, thus improving IAM consistency.

Improves composability: The identity fabric couples infrastructure elements loosely, making it easier and faster to integrate, enhance, or change them. This allows components and their functions to be reused across multiple use cases.

Offers proactive, near real-time protection: Leveraging AI algorithms to identify anomalous patterns and behaviors from massive data, the identity fabric allows organisations to detect and avert threats in (near) real-time or take prompt action to minimise damage. Advanced identity analytics monitors the system, recommends configuration changes, and supports real-time decisions and automated responses.

Better support across user types: The identity fabric enables flexible deployment of identity management functions for both human and non-human users. Universal functions can be deployed broadly, while specific ones can be selectively implemented for groups like gig workers or vendors. This is crucial as machine identities grow and hybrid cloud environments become more complex. Techniques such as certificate lifecycle management, PKI management, and cryptographic code signing help enterprises secure machine communications on-cloud and on-premise.

Safeguard the IoT with IDoT

With billions of IoT devices, safeguarding these “things” and their data starts with uniquely identifying each one. Every connected component must be identified, along with its user and purpose. Identity management in IoT must facilitate relationships between people and things, including systems and applications. This is the scope of the “Identity of Things” (IDoT), an evolutionary concept in identity and access management that provides security, relationship management and data protection.

IDoT is an enhanced model of identity and access management for the Internet age. Like the identity fabric for hybrid or multi-cloud environments, IDoT safeguards the identities of people, systems, and devices in IoT, building trust in its data. This is enabled by policies and technology controls that orchestrate IDoT and establish zero trust principles to manage IoT access risks.

More than IAM needed

As technologies and identities proliferate, the risk of cyberattacks rises, necessitating identity-centric security over perimeter security. Traditional IAM, focused on securing the perimeter by managing user identities, can’t handle machine identities or the needs of multi-cloud and IoT environments. Evolving IAM, like the Zero Trust identity security framework, addresses security policies for identity fabric and the identity of things, bridging these gaps.

 

Author:

Brijesh Balakrishnan, Vice President & Global Head of CyberSecurity Practice, Infosys

 
