In part one of Securing Enterprise Identities For Dummies, we covered how the traditional network perimeter is inadequate for today’s apps and infrastructure which are increasingly cloud and mobile. We also covered steps to securing enterprise identities so that any user can obtain secure access to any resource. These steps included:
- Taking stock of your existing enterprise users, apps and infrastructure
- Considering the role of identity in cybersecurity
- Architecting security using identity
- Deploying an identity platform for security
Part 1 of this blog concluded that an identity platform can provide you with a unified and integrated set of tools, auditing, reporting and control across all of your user communities and resources. The benefits of a platform-based approach allow you to achieve the security you are looking for with a consistent set of tools and features, and without the hassle of dealing with so many other vendors. In Part 2 of this blog, I want to cover some of the key features to look for in an identity platform.
Here are ten items that should be at the top of your list of considerations:
✓ Comprehensive management across servers, devices, apps, and users: The ability to manage identity both in the cloud and on‐premises, and across all the types of devices, systems and softwares you use, is a big part of your identity platform’s success.
✓ Ease of integration: Look for an identity platform that makes integrating with your existing and future IT environment easy. Your chosen platform should have out‐of‐the‐box support for your datacenter systems, applications, cloud services, devices and other integration points that matter to you.
✓ Single sign‐on: Supporting single sign‐on makes a big difference in user acceptance and gives you a central place for access control. Choose a platform that makes single sign‐on as transparent to your users as possible, and you’ll save time and money on support.
✓ Multi-factor authentication: Multi-factor authentication is critical to keeping your organization secure. Look for a MFA model that will work well for how your staff works, and is integrated into a single solution across apps and infrastructure.
✓ Federation support: If your prime directive is to connect your partners to third‐party services (like SaaS), the ability to use federated sign‐on is critical. Look for a platform that can work with federation tools like SAML. Federation is also important for supporting partners, suppliers and outsourced IT.
✓ App and infrastructure access management: A platform that makes granular, group‐based, highly usable access management a priority is a huge win when you’re facing a multitude of systems and apps that each need access control managed. Having it built-in and easy to use will help you stay secure and retain usability at the same time.
✓ Mobile security management: As your workforce becomes increasingly mobile, and as phones and tablets continue to grow in use for productivity, you’ll need a solution that can manage these devices. Pick a solution that leverages the security posture of mobile devices in the access policies for apps and infrastructure.
✓ Remote access for apps and infrastructure: When your users need to get work done remotely, integration with remote access is key. Look for secure remote access capabilities that limit the need for a full VPN connection and provide the ability to monitor and record remote sessions.
✓ Privileged access and shared account management tools: Your organization’s cybersecurity can rest on its ability to manage privileged access and shared accounts. Find a platform that makes visibility and central control easy and accessible.
✓ Strong vendor partnership and support: A vendor that wants to see you succeed can make the difference between a successful rollout and a failed and neglected implementation. Find a vendor that has great references and a reputation for carrying through after the sale.
Centrify offers the leading platform for securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches — compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring.
To learn more how identity can provide a new layer of security for your organization, download the booklet “Securing Enterprise Identities For Dummies.”