1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Identity and Access Management (IAM) Infrastructure is Misaligned with Security

Discussion in 'Network World' started by RSS, May 23, 2016.

  1. RSS

    RSS New Member Member

    Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete so security policy enforcement decisions must be driven by identity attributes (i.e. user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.

    Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The IAM infrastructure was built organically over the last 10-15 years so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page