South African companies are simply not doing enough to safeguard their corporate data against illegal access, mostly looking at LAN connected devices using NAC and other technologies from a security perspective. And while BYOD and wireless solutions have primarily been implemented to make life easier for employees and guests, security measures around these technologies have been, at worst, overlooked and, at best, an afterthought. So says Anton Jacobsz, managing director of Networks Unlimited, South Africa's leading value-added distributor.
“Without an adequate ID and access management (IAM) solution in place, users who are not supposed to have access to critical systems might be able to breach security measures – and this does not only apply to external parties,” he says. “A survey reported by InfoSecurity says that 46 percent of internal users in sales roles admitted to ‘bypassing security controls to access necessary sensitive information to get the job done.’ Security threats really are everywhere and are certainly on the increase as companies deploy cloud technology and mobile apps at a rate of knots.”
“People expect simplicity, ease-of-use and flexibility when accessing workplace resources. Whether they bring in their own devices, use personal apps for company work, or look for unfussy access to corporate resources while away from the office, users face what appear to them as draconian identity controls. But many are just stagnant authentication controls that don’t work very well any more,” says Jeff Carpenter, senior manager of product marketing at RSA, the security division of EMC.
Some organisations are making headway by re-writing the rules on identity management and daring to connect all of their applications (cloud, mobile, on-premise, web) into a single, all-in-one IAM system that allows them to extend their management of legacy and web on-premises apps to include SaaS and mobile offerings. It accommodates users working from any location and it simplifies sign-in without compromising security.
“It is critical to avoid the mistakes that many organisations have made; deploying IAM solutions as silos, each with a separate sign-in interfaces, different rules and administrators, frustrating users who already can’t remember all their passwords and “cheat” by using the same password over and over again,” Carpenter explains.
“RSA Via is the smart identity solution that protects from endpoint to cloud, delivering a secure, efficient, and simple identity solution for all users, from any place and device, to any resource,” says Jacobz. “The Via solution will facilitate companies as they regain control over their users' identities and access, by offering a single, central view of identity, resources, entitlements, and access. With identity being so susceptible to attack, this comprehensive view of who has access to what resources will help our clients better detect and respond to advanced threats.”