Mobile devices, the applications that run on them and the interfaces that connect them are now common fixtures in today's digital enterprise.
According to a Citrix mobile analytics report, the total number of enterprise mobile devices in use rose by 72% over the course of one year.
Businesses have eagerly adapted their business processes and IT infrastructure to accommodate this evolution, but many have overlooked how these mobile devices and APIs are accessed and authorized. This leaves the enterprise vulnerable to a security breach.
Traditional web access management (WAM) solutions work fine for web apps on a single domain. But as your business becomes more mobile, apps migrate to the cloud, and APIs connect it all, they just don't meet your business needs anymore.
As new mobile apps spring up in business units throughout the enterprise, many companies try to operate with an array of access security platforms and tools, each servicing several silos of applications and resources. But moving these applications and their access security platforms to the cloud or accessing them remotely is extremely difficult. Bottom line: extending legacy WAM solutions to meet today's mobile needs is clunky, costly and time consuming.
Here's why traditional WAM systems just don't work well:
Lack of integration
Some WAM solutions have been around for a decade and were designed to handle Internet traffic. But traffic only came through a single entry point. Traditional WAM vendors have tried bolting on features to make their solution mobile-worthy, but they just don't provide the required level of integrated identity and access management (IAM) meant for today's enterprise mobile use. For instance, CA bought additional technology that provides API management, but it doesn't integrate well. It has two separate sets of administrative tasks, audit laws and policies, which makes implementation clunky and complex.
Difficult to retrofit
Traditional WAM solutions were focused on access management based on policies. When mobile began infiltrating the enterprise, organizations started building these apps to circumvent their WAM systems because they weren't easy to retrofit. Instead, they built authorization and authentication into those apps using application programming interfaces (APIs) to provide the programming instructions and standards for accessing web-based applications and tools.
The app is probably caching IDs and passwords locally on the device, too, and that's a huge problem. Hackers have been able to infiltrate those APIs and gain keys to the kingdom. Custom greeting card website Moonpig knows this firsthand after a similar breach involving hacked APIs.
Can't move at the speed of today's digital business
Consider Gartner's prediction: by year-end 2020, 80% of user access will be shaped by new mobile and non-PC architectures that service all identity types, regardless of origin. Even if you aren't heavily focused on mobile or securing APIs today, your business is evolving, and your WAM will continue to struggle to keep up.
Legacy access management was characterized by a simple path from a single user on a single device to a single application in the data center. But today's digital business is more likely to be comprised of a web of paths involving a variety of application locations, endpoints and things.
Characteristics of a Winning Modern WAM Solution
Mobile-savvy enterprises must be able to deliver secure, one-click access from any device. Today's access management solution should have a secure single sign-on experience for mobile applications, it should support the latest identity standards like OAuth and OpenID Connect, and should be able to deploy identity and access security without refactoring back-end applications.
Ping's Identity Defined Security platform is the only IAM solution that is engineered to leverage modern cloud, mobile and API technologies as well as legacy on-premises applications.
All mobile access to enterprise data is governed through our gateway servers, providing access management that sits in front of all APIs. When mobile apps need to get in, Ping takes care of the five key attributes of WAM security--authorization, authentication, standards, auditing and throttling.
Modern access management solutions also have many business benefits. Centralized access management of mobile and APIs accelerates the time to market of secure mobile applications. It also cuts the cost of extending identity security to mobile apps, and diminishes the risk of a lost or stolen smart device.
With a modern access management solution, enterprises can feel more confident saying 'yes' to mobile and all of its benefits with significantly fewer security risks.