A paradigm shift is underway. There are many “new normals” – and a gold rush of new digital opportunities, but new challenges come hand in hand with these digital opportunities.
As the mobile workforce accelerates, a plethora of smartphones, tablets and wearables are making their way into organisations; the number of cloud and SaaS-based applications used within organisations is also skyrocketing at an unprecedented pace. According to a recent study sponsored by SkyHigh Networks, there are an average of 1,154 cloud services in use by today’s organisations. The most puzzling piece isn’t the magnitude of in use cloud apps and services. Instead, its that, according to a Cloud Security Alliance study, most organisation IT teams believe they have fewer than 50 cloud-based apps in use. That means that over 1,100 cloud apps and services on average are in use within enterprises – however no one but the user has control over those apps and services, and any corporate information shared with them. The problem is, you cannot defend what you don’t know about.
Finally, the last piece of the “new normal” for organisations is the hybrid network. An eclectic mix of enterprise data distributed between in-house and cloud-based apps, with a blend of hosted private and public cloud infrastructures. Consider that a mobile workforce will drive infrastructure changes required to address a more diverse device ecosystem. Then consider that infrastructure addressing mobility, requires greater investment in cloud-based apps and services to support the expanding device ecosystem. Consequently, the future of the network fabric for the foreseeable future will be hybrid.
So, with a “new normal” of mobility, cloud, and hybrid networks, how can organisations address network, application and data accessibility? With so many new devices that are mobile and under limited corporate control; along with applications and data scattered about the network in various clouds and SaaS deployments; how can an enterprise be assured of fast, appropriate, authenticated and authorised access?
With so many variables, there is one constant that remains: Identity. The user – and their identity – is, arguably, the “new perimeter” for the enterprise, today and onward. As the traditional network perimeter has been broken and become fragmented, identity has become the new perimeter.
As applications, data and even networks move faster toward the cloud, and the user-controlled BYOD driven mobile ecosystem expands, corporate control has become more difficult, dispersed and dependent on others. However user identity remains constant and backed by authentication, authorisation, and accounting (AAA), identity is now the first line of defence for secure corporate access.
Identity in itself is just a small piece for controlling the new parameters of access. The context of a user’s access request, and their environment at the time of access request, follow identity; inarguably, they have as much to do with securing appropriate access as identity. The ability to address the who, what, when, where, why, and how assures, enhances, and differentiates secure access to networks, clouds, applications and data – wherever they may reside and however they are comprised.
Ensuring user identity is efficiently, securely shared between networks, clouds, applications, and data – wherever they live – is now a necessity. Yet, there are challenges: Identity silos, on-premise identity with cloud and SaaS-based apps and data, and user password fatigue leading to weak user names and passwords – which are easily compromised. That’s where building an effective identity bridge plays a major role. Federation builds a trusted chain of user identity between two entities – networks, clouds, & applications through industry standards, such as SAML. The cumbersome duplication and insertion of identity directories becomes unnecessary.
Identity and access is controlled by an enterprise, with authentication occurring between the enterprise, and cloud and SaaS providers. Instant user authentication and its termination is centralized and under enterprise control. Identity federation delivers access visibility and control together.
Leveraging identity for access control, and building identity bridges are now imperative for organisations, as applications move outside the enterprise domain, the workforce and their devices are mobile and outside the traditional perimeter.
So take a moment to reach out to us and have a chat about leveraging your existing F5 investment to see what you have been missing.