There’s a digital revolution in the workplace as enterprises leverage mobile devices, cloud apps, IoT and other emerging technologies to achieve gains in efficiency, productivity and competitive advantage. But with the opportunities of digital transformation come concerns and dilemmas.
Among the concerns are cybercrime, which has reached epic proportions (as much as $600 billion globally in 2017) and made network security and data protection top priorities. Risks are everywhere, raising questions such as: Are mobile workers logging on over unsecured wireless networks? Are all devices consistently protected? Are security and encryption protocols among third-party IoT manufacturers adequate?
On the dilemma side is the inconvenience of many traditional security methods. For example, strong passwords are safer than allowing “password123,” but creating and maintaining them is a burden. Forgotten passwords slow workers down and increase calls to the help desk, causing some users to bypass security policies.
The question becomes how to maximize technology while balancing cybersecurity with user convenience.
Resolving this dilemma starts by grappling with significant problems. According to Verizon’s 2018 Data Breach Investigations Report, credential theft is still the top variety of hacking breach involving web applications. Without a well-planned digital transformation strategy that fully integrates IAM (identity and access management), organizations can end up in a world of trouble. Some key challenges include managing:
- Distributed business environments where data resides in various locations and business unit
- Cumbersome, ineffective and inconsistent processes for provisioning and de-provisioning user access
- Insufficient support for centralized Identity and Access Management (IAM) solutions, plus nonexistent or poorly followed access management policies
- Single factor authentication methods, including the reliance on strong passwords that may be shared or forgotten
Critical Role of Cybersecurity Leaders
It’s time for CIOs and CISOs to take their place at the table and advocate for top-level IAM services as a primary element of the digital transformation process. Garnering support might start with addressing major risks that have definitive solutions. One such solution is multi-factor authentication (MFA), which the Verizon report recommends as the safest way to avoid stolen credentials. Fortunately, it also offers user convenience. CISO’s can confidently recommend MFA as a way to delivers superior security, without compromising gains in employee productivity, use of IT resources and operational efficiency.
Collaborative Solutions for Digital Transformation
New collaborations in the cybersecurity community will help organizations adapt quickly to advanced technologies, speed innovation and enable a business-first approach to digital transformation.
One such collaboration integrates DigitalPersona, an advanced authentication solution from Crossmatch, with IBM Security Access Manager (ISAM). ISAM is one of the most widely deployed access management platforms worldwide. This integration gives users authentication choices including traditional methods (one-time passwords, FIDO tokens), smart cards, biometrics, mobile and behavioral-based methods. The DigitalPersona connector is available through the IBM App Exchange portal.
The Crossmatch-IBM collaboration stands up to multiple challenges by:
- Confidently authenticating users to cloud, mobile, web and traditional applications with a risk-based approach that minimizes disruption and credential theft risks.
- Allowing Crossmatch and IBM customers to move beyond static passwords with an array of authentication choices that include traditional factors (one-time passwords, FIDO tokens), smart cards, biometrics, mobile and behavioral-based methods.
- Can easily fit into existing environments to reduce time-to-deployment and expense.
A comprehensive, business-first approach to identity access management and user authentication helps enterprises maximize the benefits of digital transformation with fewer risks.
Jeff Carpenter is Director of Identity and Access Management solutions at Crossmatch. In this role, he is responsible for evangelizing Crossmatch’s DigitalPersona® solution. In his 10+ years in cybersecurity, Jeff has held positions with a number of top tier cybersecurity and technology companies, most recently he was with RSA, a Dell Technologies company. Jeff earned a Bachelor of Science degree in Business Administration from Creighton University in Omaha, Nebraska. He holds both a Certified Information Systems Security Professional (CISSP) and a Certified Cloud Security Professional (CCSP) designation.