Managing access and more, securely, in a cloudy future, with Evidian
If there’s one thing that the last five years in technology have taught us, it’s that there’s no such thing as an IT platform that’s static.
Even before the term “cloud computing” was termed, IT departments struggled to establish and pin down a standard desktop for deployment right across the enterprise. Every month, every week brought new possibilities, software, hardware and services that opened up new horizons- and that shifting sand of capability is even more unpredictable these days.
Thanks at least in part to its mass-consumerization, users in the enterprise are coming to roles with a level of confidence about technology. The common elements of a GUI (three lines for a menu icon, a cog depiction for settings, a spinning timepiece for “please wait”), mean that it’s a simple matter to spin up a new cloud-based service or app instance.
But if new solutions are being brought into play more or less continuously to help the workforce work, and the business function, keeping users and IP safe is near-impossible. Or at least it was, until companies began to deploy the type of identity assurance and management systems that are capable of overseeing the shifting picture.
Part of the world-wide Atos group, the Evidian platform is one that’s capable of managing users’ identities and associated information wherever they are presented. It’s a platform that at a user level ensures that passwords and credentials for every service and app are safe, secure and (if necessary) unique.
But for the IT Department and the managers of organizations, there’s a great deal more: cybersecurity, adherence to data protection governance and legislation, a forensic approach to access control, and much more.
It’s the human staff in companies across the world that are now the primary target for hackers. Why? Because perimeter control to privileged networks is easier to get access to if a human worker “on the inside” can be tricked into inadvertently giving away a route in.
Moreover, humans’ fallibility means that as well as clicking the links in phishing emails, staff are also prone to share passwords, use insecure credentials, and (though few would admit to this) IT departments have been known to grant massive account privileges to users when there’s a simple problem- it’s the quickest fix!
What companies that use Evidian get is a multifaceted user management and security-conscious system. Users can be forced or encouraged to use multifactor authentication (smart card, fingerprint, USB device, QR code), pro-actively led to use secure passwords, and even request and facilitate password requests through a dedicated, self-service portal. And because the solution is very much cutting edge, the same oversight system covers services in the public cloud, subscription-based services (like Salesforce or Office 365), in-house apps and individual desktop or endpoint logins. The same smart hardware (like an RFID-enable identification badge) that opens the facility’s doors can also be used to authenticate the user.
Clearly, password, identity, and access management systems are never going to physically prevent an individual tapping an apparent social media DM link (that leads to a spoof log-on page), but by ensuring that no member of staff can gain access to secure areas without proper authentication, the only thing at risk is the user’s pride.
Evidian gives companies a centrally-based management console that creates privilege sets to which new users can be joined, and departing staff quickly excluded from. Detailed logs show who logged-in, where, when, and on which services. Suspicious activity can be flagged, or access revoked or limited. And as the enterprise changes its app and service stack, the Evidian platform adapts and changes, allowing the business to get on with its journey, rather than prevent and detract from the strategic direction.
Identity federation and directory services can sit right alongside existing LDAP or AD provisions, with remote management installed either in-house, or in the cloud. Whether you’re protecting existing assets, or need to embark on a digital transformation journey of significant impact, ensuring ongoing access and high levels of protection (without any significant performance overhead) is critically important.
Speak to a representative of Evidian, part of the Atos group of companies, in the APAC region, today.