Hot Identity Management Conference Discussion: ‘App-Shaping’ on a Budget

How can your company embrace the cloud but retain control over your data?

While cloud adoption has kept paced with the need to keep company budgets under control, Steve Gold of SC Magazine says IT security professionals talked out how to prevent the next Target from being your company at a conference in London in mid June.

Here’s one challenge, according to Ed Macnair, the EMEA MD of Intermedia, through Gold:

“Our research suggests that around 56 percent of companies make use of six or more SaaS (software-as-a-service) applications, whilst 76 percent of network intrusions exploit weak and stolen passwords,” he told the audience, adding that – just to make life more difficult – the average business user has 25 different passwords they have to remember for internet-based services.

And here’s another challenge:

Another challenge that CIOs face, Macnair argues, is the increase in employees using personally-owned devices to access, process and store corporate data.

The result, according to Ali Abdallah, Professor of Information Security and head of the Centre for Cyber Security with Birmingham City University, is that traditional IAM systems “are rapidly becoming not fit for purpose because they cannot effectively adapt to evolving expectations” even though those same systems are “the foundation pillar upon which all business processes and associated security controls are usually anchored.”

So how to solve this thorny challenge? Ed Macnair says App Shaping is one answer. Macnair says that Application Shaping “effectively gives IT security management granular control over the various features of an app running in the cloud, but without reducing its overall effectiveness.”

Macnair explains further:

“App shaping allows us to block and control the various functions of an application on a highly granular basis. Ideally the IT department needs to have access to a single pane of glass that gives them an overview of the audit reporting that is needed for controlling cloud-based resources.”

Will this be enough to hold off the cyber barbarians? Only time will tell, but hopefully the IT security professionals within the Identity Management industry have it covered.

For Steve Gold’s full piece at SC Magazine, click here.