Light Dark
October 23, 2015 By Satyakam Jyotiprakash 3 min read
Endpoint
Identity & Access

Are you visiting the casino city to take part in IBM Insight 2015? Are you attending Insight 2015 because you are worried about your highly fragmented IT security posture? Mobile security could very likely be the primary reason for your concern. In this era of mobile and cloud technologies, your employees, contractors and partners need to have access to your organization’s on-premises and cloud infrastructures from their mobile devices.

As mobile usage rapidly grows, cybercriminals are targeting mobile devices as vulnerable entry points to enterprise networks. These threats are leading to paralyzing mobilephobia in some organizations. Since restricting mobile usage is no longer an option, it’s time to embrace the technology and tackle those fears head on with a comprehensive mobile security strategy.

Mobilephobia: Do You Have a Comprehensive Mobile Security Strategy?

Many organizations think a strategy to manage mobile devices and protect the data within them will suffice. However, it’s not enough to just protect the devices and safeguard data and applications; enforcing access management policies to ensure legitimacy of users and blocking fraudulent access to the organization’s IT infrastructure is critical from a mobile security perspective.

Now the question is how to ensure a top security posture in an environment where you already have separate access management solutions for on-premises infrastructure, cloud infrastructure, software-as-a-service (SaaS) and more. And now you’re adding all of the complexities that come with mobile access. These complexities are leading to access management chaos.

Alleviating Access Management Chaos

In today’s world, where many security leaders feel the sophistication of attackers is outstripping the sophistication of their organization’s defense, can organizations do justice to a mobile security strategy — or any security strategy, for that matter, by surviving this access management chaos? No way. They simply need to take back control of access management and adopt one single, comprehensive platform that encourages secure adoption of Web, mobile and cloud technologies while simplifying user access management.

From a mobile security perspective, the access management platform must:

Provide Risk-Aware Access for Mobile Apps and APIs

The access management platform should dynamically assess risks associated with mobile app access by using contextual information about the device, user, environment, resource, possible malware and past user behavior. It should have strong multifactor authentication capabilities to verify user credentials depending on the risk context.

Protect Against High-Risk Mobile Devices

In a scenario where mobile devices trying to gain access to the IT infrastructure are infected by malware, the platform must be capable of blocking any fraudulent and high-risk transactions from the infected devices without modifying the back-end applications.

Enhance User Experience With Mobile Identity Assurance

Once the applications are aware of the identity of the user on the mobile device, there is no need to repetitively enter usernames and passwords to gain access. An access management platform should improve mobile identity assurance through one-time registration codes to link devices with application and user identity.

Remove Barriers for Mobile Productivity

Besides mobile identity assurance, the platform should allow users to easily access enterprise resources with minimal authentication friction. For example, if the mobile device already has the device management solution, then the access management platform should allow device-level single sign-on (SSO) to enterprise resources. This would enhance productivity and the user experience.

Manage Access in the World of Hybrid Cloud

Besides mobile security features, the access management solution should enable organizations to manage access in the world of the hybrid cloud. It should quickly establish SSO to enterprise applications and federated sign-on to popular software-as-a-service (SaaS) applications at one go. It should support user identity propagation in the hybrid cloud application interactions.

IBM has recently announced a new version of its access management platform, called Security Access Manager. It helps organizations take back control of access management. Please meet us at Insight 2015 to learn more.

 |  |  |  |  | 
Satyakam Jyotiprakash
Portfolio Marketing Manager, Security Operations and Response Solutions, IBM Security

More from Endpoint
October 30, 2023

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature