By GABEY GOH firstname.lastname@example.org
PETALING JAYA: Identity management and authentication are becoming increasingly important as enterprises learn to cope with the rapidly changing ways its employees are communicating and interacting.
According to Vic Mankotia, vice-president of security for Asia Pacific & Japan at CA Technologies, many organisations are now past the “virtual” stage of the path towards becoming a fully cloud-connected company.
“But before that happens, security challenges must first be addressed and become a business enabler,” he said.
According to a global survey, 58% of organisations reported suffering a privacy breach in the past year; with each breach costing an average of US$7.2mil (RM21.6mil) to fix and recover, in addition to its damage to the business, said Mankotia. He said that 80% of the data currently being shared by people is unstructured and that it is how this data is being shared which forms the most pressing security risk facing organisations today.
He said his company’s approach to IT security is data-centric, focused on moving from the “security of no” to the “security of know.”
“The security of ‘know’ boils down simply to knowing identities, knowing risk and knowing content,” he explained.
It is this content-centric layer of security that organisations need to augment the traditional approach of crafting multiple layers to make security “holes” smaller.
To illustrate, Mankotia pointed to the boarding process for flights at airports. “From check-in, you go to the gate with three elements — yourself, your passport and the boarding pass, which has been recorded as a session.
“The X-ray machine at the final gate is another security measure akin to data loss prevention, and you board as a privileged user,” he said.
“Identity has become our new perimeter and a proactive approach to optimising the roles of people, processes and technology,” he said.
In line with the changing security needs of its clients, CA Technologies recently announced advancements to further build out its Content-Aware Identity and Access management (IAM) vision.
According to Mankotia, traditional IAM which associates content and data policies with identities and roles, stops at the point of access but the company’s “next-generation approach” takes IAM a step further to help control users, their access and how they handle information.
The new approach is touted to help organisations protect critical information from inappropriate use or disclosure.
“Identity intelligence reduces miscommunications. The trust we bestow on people in the connected world is far too high compared with that in the real world,” he said.
New offerings under this suite of security solutions include delivering a security solution for Microsoft SharePoint to help improve information security, reduce risk and meet compliance mandates.
Mankotia also noted that there is no software-only solution to the challenges of securing and safeguarding company data. “You must have a combination of people, process and software,” he said.
For more information, visit www.ca.com.
Did you find this article insightful?