From the beginning, identity has always been at the core of security. But initially when access was restricted to the office perimeter, simply having the user ID and password was enough. But now that we are moving to cloud-based applications, cloud-based storage, remote working, CYOB, the organizational perimeter has over a period of time, expanded.
That initial castle and moat perimeter is now exponential. But an exponential perimeter is impossible to protect. Which brings us back to identity- to protect the organization with identity as the perimeter is at least possible.
As traditional controls don’t exist, identity must be relied on as the security control providing access to the right resources under the right conditions. Privileged access is key. When the number and complexity of cloud-based applications with various new and coming regulations around them- Privileged Access Management (PAM) is a must and Identity and Access Management (IAM) is an imperative.
But CISOs all the way through to front lines security executives know that challenges remain in fully integrating secure access tools into the fabric of the enterprises to gain full value. But the conversation and the secure access journey continues to evolve.
Zero Trust has been a talking point for more than a year because identity theft is one of the fastest growing cyber crimes over the last few years. Credentials leak and get used. Applications and devices must benefit from the same security which protects identity.
SASE is the next step on the secure access journey as it adds components and controls like firewall-as-a-service, a secure web gateway, CASB and other modern data protection controls as services. But the challenge will continue to be integration.
No matter where an organization is on the secure access journey, interoperability and the reduction of complexity must be the mindset.
Parag Deodhar lends his thoughts at SASE Summit APAC February 16-17- join us and register now.