Cloud Identity Is ‘New Normal’ Replacement for On-Prem Tools
Reading Time: 3 minutes | Published: October 26, 2021 in Attivo News
With the rise of work-from-home, SaaS, IoT, cloud, mobile and edge computing, the traditional on-premises identity and authentication systems are becoming obsolete, giving way to cloud identity.
Today’s data center has very little in common with that of a few years ago.
The old model of on-prem servers surrounded by a tough, secure perimeter is out. Today, data centers are not just on-prem but in the cloud and on the edge and everywhere in between.
“Then there’s the added complexity of mobile, SaaS applications, bring-your-own-device programs and the Internet of Things,” said Gorka Sadowski, chief strategy officer at cybersecurity vendor Exabeam and former Gartner analyst. “Not to mention COVID-19, a human virus that has forced everyone to work at home on who knows what.”
All these trends have burst the perimeter wide open, he told Data Center Knowledge.
“It’s all the Wild West,” Sadowski said. “In fact, it is widely accepted that identity is the new perimeter.”
As a result, traditional on-prem identity solutions, such as locally managed Active Directory, and associated systems and processes are being replaced by cloud identity alternatives. The result is an identity authentication system that is more scalable, secure, user-friendly and manageable, and that plays well with all of a company’s cloud providers.
“Web-based authentication and identification take on an important role when developing an overarching access and authorization strategy, especially as remote work, IoT and all ranges of new edge devices are brought online,” said Liz Miller, vice president and principal analyst at Constellation Research.
That doesn’t mean that every enterprise is transitioning completely to cloud identity. Many have legacy systems that they need to support, regulatory requirements that require on-prem infrastructure, or other concerns.
“Quick returns can be had by selecting to migrate small but important groups of users or a few applications at a time,” said Mike Kiser, senior identity strategist at SailPoint Technologies.
That can provide a company with a growing knowledge base and comfort with the new technology, he told Data Center Knowledge. “And proving return on investment along the way.”
Identity-Based Security Technologies
Companies deploying zero-trust-based cloud identity solutions typically also use strong authentication and fine-grained policy controls to replace simple passwords and credentials.
That helps protect against credential-based attacks, said Jasson Casey, chief technology officer at Beyond Identity, an authentication vendor.
Another security technology is identity detection and response.
This augments traditional perimeter-based defenses, such as firewalls and intrusion detection and prevention systems, or endpoint security.
Vendors in this space include Attivo Networks, CyberArk and Microsoft CloudKnox.
Read the full article by Maria Korolov on Data Center Knowledge and ITPro Today.