Jan 06 2021

How Highly Mobile Enterprises Should Use IAM Tools

To secure the growing variety of mobile devices used across the network, companies need robust and reliable identity access management solutions.

Enterprises are more mobile than ever as much of in-office operations have moved to remote work arrangements. This has resulted in an increasing number of employees accessing secure corporate networks from both business-owned and personal mobile devices to connect with colleagues, collaborate on projects and meet critical deadlines.

But this increased demand for device access also introduces cybersecurity risk: In the first quarter of 2020 alone, mobile phishing efforts increased by 37 percent as attackers looked for ways to leverage emerging pandemic priorities for their own gain.

To combat this issue and shore up corporate security, highly mobile enterprises must adopt robust and reliable identity and access management (IAM) solutions capable of verifying user identity, authenticating action requests and ensuring the right people have access to the right data at the right time.

The Current State of Mobile Security

Recent survey data from TechRepublic found that 67 percent of IT pros believe current mobile defenses aren’t keeping pace with new threats — a worrisome number, since 83 percent of those asked also said their own companies are at risk of mobile attacks.

The biggest threat is employees, both nontechnical and those working in IT. While 81 percent of enterprises said staffers pose the largest risk to mobile security, almost half of all IT pros were willing to sacrifice standard security procedures if it meant “getting the job done.” Add in the now-distributed nature of corporate operations and it’s a recipe for mobile disaster.

The Challenge of Managing Moving Targets

Corporate endpoints are no longer static. Gone are the days of privileged network access contained to a small number of onsite desktop and laptop devices. Today, endpoints go everywhere with users and may request access to protected corporate information anywhere, anytime.

As noted by Forbes, this creates a new security framework, one where mobile identity functions as a protection perimeter. Pre-COVID-19, 89 percent of security leaders pointed to mobile devices as the next logical step in digital identification to access corporate resources. Today, these same mobile devices are often the only way staff can reliably connect to company networks.

MORE FROM BIZTECH: Learn how an integrated security solution can simplify your organization's protection.

While it’s helpful for employees to use straightforward security solutions such as virtual private networks to protect digital assets, that’s just the beginning. In a world where users are both the best line of defense and the most worrisome IT threat, enterprises must develop and deploy zero-trust frameworks that take nothing for granted.

What Is Identity and Access Management?

Identity and access management solutions combine three key concepts to improve mobile security:

  • Identification: Who’s requesting access? IAM tools first assess user claims of identity: Is the user entering a valid username? Where is the request coming from? When?
  • Authentication: The most familiar form of authentication is password protection, but these knowledge-based techniques are easily undermined by determined attackers. As a result, additional authentication efforts such as biometric markers or physical tokens are often used.
  • Authorization: Identification and authentication aren’t enough to grant access. IAM tools also do the work of evaluating authorization based on corporate rule sets around staff roles and project responsibilities: What specific assets and resources are employees authorized to use?

In isolation, each approach provides a measure of protection against potential mobile attacks. Together, they offer much more substantive security.

How to Implement Identity Access Management

When it comes to deploying IAM options at scale, organizations have two broad options: on-premises or in the cloud. Solutions such as the CA Identity Manager operate on-premises, providing companies complete control over identity conditions, requirements and assessments across device endpoints.

Cloud-based services such as those offered by Centrify and Okta, meanwhile, look to reduce complexity and streamline deployment with Identity Management as a Service frameworks that provide built-in integrations with popular cloud apps along with robust digital connections for traditional enterprise software systems.

No matter which approach enterprises choose — on-premises, in the cloud or a hybrid mix of both — it’s also worth considering the advantages of multifactor authentication within IAM applications. Typically, authentication uses one of three methods:

  • Something users know: This includes knowledge-based pieces of information such as passwords. The problem? They can be lost, forgotten or stolen and expose companies to undue risk.
  • Something users have: This includes physical tokens such as USB sticks or one-time digital passcode generators. SMS codes are sometimes listed here, but since these text transactions require transmission there’s the potential for malicious interception.
  • Something users are: This includes biometric tools such as fingerprint, retina or facial scanners. While these technologies often provide greater overall security, they typically come with higher costs than other authentication options.

Robust and reliable IAM tools are critical for companies to manage increasingly mobile workforces. With endpoints expanding and digital user identities forming the new security perimeter, enterprises need IAM solutions that help reduce complexity, reimagine zero trust and reinforce multifactor authentication.

farakos/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT