Cybersecurity is a hot topic these days, especially after the rash of high profile data breaches in the last year. In fact, the Wall Street Journal cites that, "...this year, 1,517 companies traded on the New York Stock Exchange or Nasdaq NDAQ -0.60% Stock Market listed some version of the words cybersecurity, hacking, hackers, cyberattacks or data breach as a business risk in securities filings, according to a Wall Street Journal analysis. That is up from 1,288 in all of 2013 and 879 in 2012." Read the full WSJ cybersecurity article.
This is the second to last blog in our exploration of the six IT trends discussed in the 'Beyond the Firewall: How a New IAM Architecture Takes Your Business Forward' webinar and whitepaper. If you haven't been reading along this past two months, I've been elaborating on each of the six IT trends in weekly blog posts (read the first post here). I will continue elaborating on the trend Hackers, Bugs, Spies and Big Data [Oh My!].
You might be asking what Big Data has to do with Hackers, Bugs and Spies... well, Big Data is a big target for cybercriminals. Although the business advantages of Big Data, such as knowing buying behavior and being able to target marketing with great accuracy are great, the threats of hackers cannot be ignored.
A breach of Big Data information could spell disaster to both the users of the stolen identities and the organization storing the information. Question is, are all known actions being taken to protect identities from theft and what is the best action to take?
According to Help Net Security, the number one cause of breaches is stolen user credentials (usernames and passwords). Yet, despite this statistic, most enterprises still use legacy access and identity and access management (IAM) systems built to operate within the firewall that rely on usernames and passwords as a primary security practice. However, in this decade of software-as-a-service (SaaS), business happens outside the firewall. The massive numbers of cloud-based apps and application programming interfaces (APIs) that are common practice must be secured with something other than usernames and passwords. Otherwise, user credentials are easily up for grabs.
The new, next generation model of IAM, relying on federation, standards and Identity Management as a Service (IDaaS), must be implemented (either as a standalone solution or alongside a stack solution) to truly secure and protect identities and Big Data. This next generation model of IAM provides bi-directional security across the firewall using encrypted tokens and other controls. It also can be implemented within days and offers extreme returns on investment (ROI).
We want to hear from you. What practices do you have in place to protect your identities and highly sensitive data? Are they working and will they continue to secure your organization in the years to come? What related security problems do you foresee in the near future?
Come back next week for our final installment in this Beyond the Firewall blog series when I explore how to manage customers and partners need for Expanded Access to corporate applications, services and data.