Smart Enterprise Magazine

Volume 6, Number 3, 2012

Issue link:

Contents of this Issue


Page 4 of 23

Leadership Perspective Success with 'Yes' New Content-Aware Identity and Access Management (IAM) technologies promise to help enterprises rapidly embrace cloud — and new business models — without increasing risk. | By Michael Denning S ome security managers have a reputation for always trying to put the kibosh on new projects and new ways to use IT. In many organizations, the CSO and team have become known as "Dr. No" when it comes to certain device use, social networking tools or even cloud comput- ing. (See related blog here.) It's not necessarily their fault. The job of a security chief is to protect enterprise assets, after all. And the reality is that security applications — identity and access management, data-leak prevention tools, user activity reporting, among others — alone don't provide the necessary insight into users and the information and resources they want to use at the moment of the transaction. That is, they don't pro- vide the context needed to measure real-world risk. But this is changing. At CA Technologies, we believe a new twist on identity and access manage- ment and data protection technologies — what we call Content-Aware IAM — will help to move this conversation forward by adding the necessary intelligence around content and data to reduce risk while maintaining productivity, whether working in a traditional or a cloud environment or both. For instance, the more tightly coupled the iden- tity information — such as who the users are, their job role, etc. — is with the actual data accessed, the more secure the use of cloud services can be. With Content-Aware IAM, a more data-centric approach, enterprises can more granularly con- trol not just what applications and data users are attempting to access, but also what they can do with that information. With that user and data information at hand — and even information about the device the user is operat- ing from — organizations can put the information to use at the time of transaction and create a risk-based judgment about individual transactions. Think of this risk-based judgment as being similar to that of a credit or FICO score. Instead of checking credit history and opening a new credit card or car loan, Content-Aware IAM will evaluate the user and look at who she is, what devices she is using and what data she wants to access. Then, based on a set of predetermined criteria and policies — just like a FICO score — the advanced authentication portion of Content-Aware IAM (specifically, our CA RiskMinderTM technology) can assign a risk score that determines whether or not a transaction can proceed. For instance, if a user is accessing data daily from her desk PC during normal business hours, we'd assume a low-risk data transaction and can assume most actions would be allowed without further authentication. However, should this user suddenly start attempting to access that same data from an iPad after busi- ness hours from across the country, we' d have an entirely different risk score for the transaction. To proceed, even more advanced authentication can be required to verify her identity, such as a one-time- password sent to her cell phone number on file, or even delivered by a phone call. Content-Aware IAM with advanced authen- tication allows security executives to control users, their access and what they can do with information. This helps organizations embrace the benefits of cloud computing and consumer technologies, such as tablets or smartphones, without bringing too much risk into the organi- zation. That's the path to saying "yes" to new IT projects and technologies. n Michael Denning leads the Identity and Access Management business at CA Technologies. A version of this article originally appeared on Smart Enterprise Exchange. 2012 • SMART ENTERPRISE 5 PHOTOGRAPH: CA TECHNOLOGIES

Articles in this issue

Links on this page

Archives of this issue

view archives of Smart Enterprise Magazine - Volume 6, Number 3, 2012