It’s a time of conflict
There’s a battle within businesses, and the battleground is your applications.
Employees – in the name of productivity – are adopting new cloud and mobile applications every day. IT – in the name of security – is trying keep private data secure against breaches.
Both groups often think the other “doesn’t get it.” Users complain about complex password policies, and security-related “hoops” they have to jump through. IT complains about endless helpdesk calls for password resets, shadow IT introducing risk, and an inability to secure an ever-changing hybrid environment.
But both groups have more common ground that they may think. They both want increased productivity. They both want what’s best for business. They both want the least overhead possible. But due to differing perspectives, the war of efficiency vs security rages on regardless.
The modern battleground
Compounding this battle, is the fact that it’s being fought on many different fronts – each with its own set of productivity and security challenges:
- Cloud apps likely have secure back-ends, but what about access policy? Is a username and password all that stands between sensitive data and attackers? Can IT manage user provisioning to prevent stale or rogue accounts?
- On-premises apps are protected by corporate firewalls and proxies, but VPN tunnels right through those defenses and often provides more access than necessary.
- Mobile employees are becoming the norm – but providing secure access across devices can seem daunting.
- Line of business is often writing checks that IT can’t cash – in the form of dedicated applications with silos of policy, identity and more.
- Password and account risk continues to grow, with users growing more and more frustrated, and IT being left to try to find the difference between valid users, and attackers who are exploiting compromised accounts.
Can there be a better way?
The battle between productivity and security is one that’s been raging for years – but I think it’s a battle that becoming irrelevant. Today we have the tools to balance user needs and IT security mandates. The ability to secure app access, based on a combination of user and device context, is finally here, and it’s not as complicated as it once seemed.
Check out “The Top 5 Application Security Risks” to learn about the top things to consider when securing today’s hybrid application environment, and then take a look at Centrify Identity Service (CIS). With integrated cloud, on-premises and mobile application security, powered by device context, CIS can actually ease access for valid users, while thwarting today’s most popular attacks.
Don’t take my word for it – try it yourself and see!
Until next time, here’s hoping we in the security world can get out in front of the age-old productivity vs security battle once and for all!