Unified identity security company, One Identity, focuses on helping organisations close the cybersecurity exposure gap that exists with newfound identity vulnerabilities and stopping opportunistic bad actors before they can seek to utilise it.
The identity perimeter is a relatively new phenomenon. Twelve years ago, workers were almost always in an office, using office devices. There used to be a data centre for a particular firm. Now any employee may use their phone, smart watch, or laptop to access work, anytime, anywhere.
Alan Radford, a Global Field Strategist at One Identity, suggested during his presentation that traditional models operate on the wrong assumption that everything and everyone is trustworthy. But now we are on the cloud, and that is a whole other ball game.
Today organisations are experiencing identity sprawl like none other, One Identity has found that most companies are ill-equipped to close the cybersecurity exposure gap.
Think of it as a matter of personas, Radford said. Personas in a workplace may include the general employee, the privileged employee, as well as any applications and robots. These personas can be split into two categories—human and non-human.
The human identity perimeter was of course born out of human resources. However, Radford is quick to point out, there is now a new persona – artificial intelligence. Businesses that hire out robots, or are entirely comprised of robots, have little or no need for human resources.
So, he asked, how many bots are there in a human resource system?
This is where measurements come in. Using measurements based in the contexts from which they are recorded, Radford suggested that firms determine how many applications are being used and how many of each type of persona there is. These applications should then be aggregated together.
He asked his audience during his talk to raise their hands if they thought 25 systems for managing identity access within one firm was a high number. There was a resounding… no response. He then jokingly asked whether it was a low number. There came the laughter, and nodding. Companies use more than 25 systems just for managing access? Apparently so!
This sort of sprawl causes lots of gaps and inconsistencies within the identity perimeter of an organisation, which is something One Identity hopes to help with.
What is the solution, then?
According to Radford, if there are different teams looking after different security applications within one firm, this creates separate security cultures. There should be only one. If a firm consolidates its data silos into one, there then becomes one culture, and one team. This is beneficial for many reasons. This sort of consolidation is recommended by Gartner, he was sure to note.
By combining Identity Governance and Administration (IGA), Privileged Access Management (PAM), and Identity and Access Management (IAM), One Identity has produced the industry’s first unified identity management platform. Its formation marks a new era in identity management – all an organisation’s identity needs are handled by one vendor, by the same technology, signalling the advent of true unified identity security.
