If your IT staff has grown accustomed to managing legacy systems with long-established practices, the shift to a hybrid IT model calls for a significant change in terms of technology, people and processes.
This is particularly true because cloud-native features such as multi-tenancy and third-party-managed infrastructure require identity and access management (IAM) controls and security tooling built for the threats those capabilities introduce, rather than the perimeter-based controls that worked for a data center you owned end to end.
By embracing these five principles, organizations can successfully navigate the transition to a hybrid IT environment:
- Principle of Least Privilege: Every identity (human users as well as applications, services, machines and IoT devices) should be granted only the permissions it needs to do its job or run its process, and nothing more; anything not explicitly allowed is denied. Apply this with particular care to privileged accounts, whose broad access rights make them prime targets for attackers, and review standing grants regularly, since wildcard permissions and grants that were once "temporary" are where least privilege usually erodes.
- Secure lifecycle management: Lifecycle management covers onboarding, off-boarding and everything in between. When a new physical or logical entity is provisioned, it should receive only the permissions needed for the tasks at hand, and those permissions should be reviewed and adjusted as roles change, without making the business wait. Off-boarding must be just as prompt: a departed employee, a decommissioned device or a retired application whose credentials, keys or tokens are never revoked leaves a working path into the environment, and this matters more now that most interactions are not between people but between IoT devices, machines and applications.
- Multi-factor authentication: More robust than a password alone, multi-factor authentication requires two or more independent factors (something the user knows, has or is) before granting access to a resource, so a stolen password is not enough on its own. MFA products also let enterprises set different levels of authentication according to the sensitivity of the data being accessed (often called granular, adaptive or step-up authentication): a request for routine data may need a password and a one-time code, while a request for sensitive data, or one arriving from an unexpected geolocation, triggers a further step such as a physical biometric.
- Federated Identity Model: A federated identity model (FIM) establishes a trust relationship between organizations or systems that would not normally share identity information. It works because the partners exchange digitally signed assertions over an open standard such as Security Assertion Markup Language (SAML), an XML-based protocol, or the JSON-based OpenID Connect; the relying party accepts an assertion only if its signature verifies against the identity provider's published key. FIM gives team members single sign-on: they log on once to their identity provider and gain access to multiple applications and services without a separate credential for each.
- Integrated SIEM/SOC: Organizations should be able to define, measure and track all security-related events and alerts, then correlate them with events from the rest of the hybrid IT environment, including infrastructure, applications, services and network, because an attack that spans on-premises and cloud systems is invisible to either log source on its own. The Security Information and Event Management (SIEM) platform and Security Operations Center (SOC) should be integrated with the traditional enterprise dashboard and trouble ticket/help desk systems as well as with cloud audit and infrastructure logs. Machine learning and AI capabilities in the SIEM can help analysts surface emerging threats faster, but they supplement, rather than replace, well-tested correlation rules that the SOC understands and can tune.
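The least-privilege and step-up authentication points above can be made concrete in a small policy decision routine. The following is an added example written for this page, not code from the original article or from any cloud provider's IAM; the policy format, the sensitivity tiers, the home-country set and the two sample policies are assumptions made for illustration. It shows a deny-by-default evaluator, a linter that flags the wildcard grants least privilege forbids, and a step-up rule that raises the number of required factors with data sensitivity and with an unexpected geolocation.

```python
"""Deny-by-default access decisions with step-up authentication.

Added example; it is not code from the original article or any vendor.
The policy format, the sensitivity tiers, the country codes and the sample
policies are assumptions made for illustration and do not reproduce any
particular cloud provider's IAM.
"""
from __future__ import annotations

from dataclasses import dataclass
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Statement:
    actions: tuple[str, ...]      # e.g. "storage:GetObject", or "*" (bad)
    resources: tuple[str, ...]    # glob patterns over resource names
    effect: str = "Allow"         # "Allow" or "Deny"


@dataclass(frozen=True)
class Policy:
    name: str
    statements: tuple[Statement, ...]


# Constructed sample policies. The first is the "make it work" grant that
# accumulates on legacy admin accounts; the second is scoped to one task.
BROAD_POLICY = Policy("legacy-admin", (
    Statement(actions=("*",), resources=("*",)),
))
SCOPED_POLICY = Policy("payroll-reader", (
    Statement(actions=("storage:GetObject", "storage:ListBucket"),
              resources=("bucket:payroll-exports/*",)),
))

# Assumed data-sensitivity tiers keyed by resource pattern: 0 = public,
# 1 = internal, 2 = restricted. Unknown resources fall back to tier 1.
SENSITIVITY_TIERS = (
    ("bucket:public-site/*", 0),
    ("bucket:payroll-exports/*", 2),
)


def lint_policy(policy: Policy) -> list[str]:
    """Flag Allow statements that grant wildcard actions or resources."""
    findings = []
    for i, st in enumerate(policy.statements):
        if st.effect != "Allow":
            continue
        for action in st.actions:
            if action == "*" or action.endswith(":*"):
                findings.append(f"{policy.name}[{i}]: wildcard action {action!r}")
        if "*" in st.resources:
            findings.append(f"{policy.name}[{i}]: wildcard resource '*'")
    return findings


def is_allowed(policy: Policy, action: str, resource: str) -> bool:
    """Least-privilege evaluation: nothing is allowed unless a statement
    explicitly allows it, and any matching Deny overrides every Allow."""
    allowed = False
    for st in policy.statements:
        if any(fnmatchcase(action, a) for a in st.actions) and \
           any(fnmatchcase(resource, r) for r in st.resources):
            if st.effect == "Deny":
                return False
            allowed = True
    return allowed


def sensitivity(resource: str) -> int:
    for pattern, tier in SENSITIVITY_TIERS:
        if fnmatchcase(resource, pattern):
            return tier
    return 1


def required_factors(resource: str, geo_country: str,
                     home_countries: frozenset[str]) -> int:
    """Step-up rule: public data needs one factor, anything else needs two,
    and a non-public request from outside the home geography needs a third
    (for example a biometric) on top of password and one-time code."""
    tier = sensitivity(resource)
    factors = 1 if tier == 0 else 2
    if tier >= 1 and geo_country not in home_countries:
        factors += 1
    return factors


def decide(policy: Policy, action: str, resource: str,
           factors_presented: int, geo_country: str,
           home_countries: frozenset[str] = frozenset({"US"})) -> str:
    """Return 'deny', 'step-up' or 'allow'. Authorization is checked first so
    that an unauthorized caller learns nothing from the step-up behaviour."""
    if not is_allowed(policy, action, resource):
        return "deny"
    if factors_presented < required_factors(resource, geo_country, home_countries):
        return "step-up"
    return "allow"


if __name__ == "__main__":
    print(lint_policy(BROAD_POLICY))   # two findings
    print(lint_policy(SCOPED_POLICY))  # []
    print(decide(SCOPED_POLICY, "storage:GetObject",
                 "bucket:payroll-exports/2024-q1.csv", 1, "US"))  # step-up
```

Two design choices matter here. The authorization check runs before the factor check, so an identity that is not allowed to touch a resource is told "deny" rather than being prompted for a second factor that would reveal the resource exists. And the sensitivity lookup fails closed: a resource the tier table does not know about is treated as internal data, never as public.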
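To show what "correlate them with events in the broader hybrid IT environment" looks like in practice, here is an added example of a cross-source SIEM rule. It is not code from the original article or from any SIEM product; both log formats, the field names, the ten-minute window and every event are constructed for illustration. The rule joins on-premises VPN authentication failures with cloud console logins for the same user: a burst of failed on-prem logins followed shortly by a successful cloud login is the pattern of an attacker who hit the on-prem lockout and simply moved to the cloud front door, and neither log source would flag it alone.

```python
"""Correlating on-premises and cloud authentication events.

Added example of the kind of cross-source rule an integrated SIEM runs; it is
not code from the original article or from any SIEM product. Both log
formats, the field names and every event below are constructed for
illustration.
"""
from __future__ import annotations

import json
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed syslog-style lines from an on-premises VPN gateway.
ONPREM_LOG = """\
2024-05-02T09:00:01Z vpn01 auth user=alice result=FAIL src=203.0.113.7
2024-05-02T09:00:09Z vpn01 auth user=alice result=FAIL src=203.0.113.7
2024-05-02T09:00:15Z vpn01 auth user=alice result=FAIL src=203.0.113.7
2024-05-02T09:02:40Z vpn01 auth user=bob result=OK src=198.51.100.4
"""

# Constructed JSON-lines audit events from the cloud provider's console.
CLOUD_LOG = """\
{"time": "2024-05-02T09:04:10Z", "eventName": "ConsoleLogin", "user": "alice", "sourceIP": "203.0.113.7", "outcome": "Success"}
{"time": "2024-05-02T09:30:00Z", "eventName": "ConsoleLogin", "user": "bob", "sourceIP": "198.51.100.4", "outcome": "Success"}
"""

ONPREM_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) auth user=(?P<user>\S+) "
    r"result=(?P<result>\S+) src=(?P<src>\S+)$"
)


def parse_ts(text: str) -> datetime:
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_onprem(text: str) -> list[dict]:
    """Normalize gateway lines; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = ONPREM_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["time"] = parse_ts(ev.pop("ts"))
            events.append(ev)
    return events


def parse_cloud(text: str) -> list[dict]:
    """Normalize JSON-lines audit events onto the same 'time' field."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["time"] = parse_ts(ev["time"])
        events.append(ev)
    return events


def correlate(onprem: list[dict], cloud: list[dict], min_failures: int = 3,
              window: timedelta = timedelta(minutes=10)) -> list[dict]:
    """Alert when a user accumulates min_failures on-prem failures and then
    logs in to the cloud console successfully within the window."""
    failures = defaultdict(list)
    for ev in onprem:
        if ev["result"] == "FAIL":
            failures[ev["user"]].append(ev)

    alerts = []
    for ev in cloud:
        if ev.get("eventName") != "ConsoleLogin" or ev.get("outcome") != "Success":
            continue
        # Only failures that precede the cloud login, and not by more than the window.
        recent = [f for f in failures[ev["user"]]
                  if timedelta(0) <= ev["time"] - f["time"] <= window]
        if len(recent) >= min_failures:
            alerts.append({
                "user": ev["user"],
                "cloud_login": ev["time"].isoformat(),
                "cloud_src": ev["sourceIP"],
                "onprem_failures": len(recent),
                "onprem_srcs": sorted({f["src"] for f in recent}),
            })
    return alerts


def run_rule() -> list[dict]:
    return correlate(parse_onprem(ONPREM_LOG), parse_cloud(CLOUD_LOG))


if __name__ == "__main__":
    for alert in run_rule():
        print(alert)
```

The alert carries both source IP sets so the analyst can see immediately whether the cloud login came from the same address as the failures. In a real deployment the parsers would be replaced by the SIEM's own normalization layer, but the join key (user identity, which federation keeps consistent across on-prem and cloud) and the time window are what make the rule work.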
In addition to these five principles, organizations should recognize that embedded security is becoming critical in light of the rapid adoption of DevOps. Multi-disciplinary DevOps teams should be trained on the latest cloud-ready technologies and on building systems that are secure by design. DevSecOps, where security is embedded in every stage of the DevOps process rather than bolted on before release, will eventually become the norm.
Although processes and technology are grabbing the headlines and dominating discussions about hybrid IT within enterprises, your people are how you are going to get there. Take the time to prepare them, and employees will emerge as the most effective tool in your toolkit for the successful, secure use of a hybrid IT environment.
By embracing these principles and giving equal attention to people, processes and technology, adopting cloud tools to deliver or extend IAM services across a hybrid IT environment will position your enterprise for a more secure, flexible future. Effective, next-generation access control lets the business grow without taking on undue security or resiliency risk.