At the heart of our endeavors to create dynamic networks that drive collaboration, information sharing and business performance to new levels is the essential concept of identity management. If IT managers are to provide extensive access to the kingdom without compromising it, they must ensure that the barbarians remain beyond its perimeter.
As Tom Gillis argues in Securing the Borderless Network, conventions of the past have been blown away by the considerable demands and risks of the present:
As businesses embrace collaboration and globalization, the hard connection between policy and physical infrastructure becomes strained. To transact business without borders, we need security policies that express simple ideas about which workers can access which applications and data, without being hard-wired to IP addresses, subnets, and the complex infrastructure that powers all networks.
In short, security can no longer be tied inextricably to the physical infrastructure underneath it. The unconstrained access to information we seek requires an advanced security system that abstracts the underlying network fabric. The system needs to enable businesses to express policies in terms of who a user is, what applications he or she uses, and what content he or she accesses. It must work both inside and outside the traditional corporate network to meet the security challenges of today’s decentralized and highly collaborative work environment. And it must enable an enterprise that transcends borders, where users, assets, and critical information are all protected.
Cybercriminals are everywhere now – prepared to unleash their malware, steal data and initiate all manner of destructive chaos. They have even become quite skilled at mimicking the identities of legitimate users.
Unfortunately, the challenge of determining identity is more complex than ever, particularly as users switch between locations and devices (both corporate-issued and non-corporate-issued).
Going forward, security systems will have to be smart enough to determine the precise identity of the user, no matter what device is in use. The devices themselves must be fully authenticated, and policies must clearly define which actions can be performed and which cannot.
“To reduce this complexity, the security architecture of tomorrow must operate at a high level,” concludes Gillis. “Identity is the foundation of this system, and it is the common language that will enable businesses large and small to collaborate with confidence.”