Identity and access management (IAM) is a critical facet of a connected security ecosystem, as controlling the confidentiality, integrity and authorisation of data access and use is key to securing new digi- tal business channels.
However, companies face several challenges trying to implement IAM systems, as many do not know who is authorised to access what data when, why, from where and through which devices. Therefore, mobile IAM services are emerging as suitable solutions for a range of IAM challenges, says German information and communication technology multinational T-Systems South Africa support and enabling services portfolio manager Rory Young.
“The ‘digital revolution’, characterised by the proliferation of ubiquitous connectivity, has led to digital business becoming a normal part of daily business. “Mobile devices are everywhere, and thus require effective IAM to protect the business and customers,” he says.
Traditional network and corporate boundaries no longer exist, physical boundaries are being eroded and organisational structures and hierarchies are being challenged. The struggle to control and manage access can lead to the exposure of business and customer data, as well as corporate intellectual property.
“Organisations need greater control over access to mitigate risk and remain compliant with regulations regarding access to and the confidentiality and integrity of data,” Young states.
“Existing IAM and security poli- cies need to be extended into the software-as-a-service cloud services, as well as to mobile devices and applications, while ensuring that adequate security is in place to meet the needs of business and audit requirements,” he says.
However, solutions must provide not only identity and access controls but also rich analytics to enable businesses to better understand how data is being accessed and used by various organisational roles across their operations. This allows for more accurate decision- making regarding IAM strategy, policy and target investment on an ongoing basis.
Centralising IAM provides organi- sations with a real-time global view of identity and access activity, while improving analytical capabilities. Multifactor authentication capability enhances security and also allows for richer and deeper activity analysis.
“Proactive alerts can be set; for example, if a user appears in two locations simultaneously or if there are consecutive uses where the locations are too far apart, based on the access time recorded. “Data can also be analysed to determine who is accessing what, where and when, enabling organisations to improve efficiencies across the enterprise security landscape.”
Further, mobile IAM services can integrate multiple proofs of identity, from driver’s licences, identity cards and passports to loyalty cards and online digital identities, into a single mobile application.
“Identity document (ID) credentials and attributes are securely stored in a central location for various forms of interaction that require ID verification. “These include the visualisation and validation of IDs, credentials, qualifications and licences, system and application login, physical access control and document approval with trusted digital signatures,” states Young.