itb-nz logo
Story image

Three access management trends making waves in APAC

08 Nov 2018

Article by Auth0 CEO and co-founder Eugenio Pace

 In an attempt to prevent the growing pandemic of cyber crime, hacks, and breaches, companies are turning to Identity and Access Management (IAM) as a crucial piece of the equation when building or modernising any application or web service.

In fact, a recent industry report by Report Buyer forecasts the world of consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.

This growth comes as no surprise, with a whopping 22 million personal records exposed in the first half of 2018 alone.

In APAC, the figures are even more staggering – 67% of APAC countries suffered job losses as a consequence of cyber attacks in a single year, and recent reports measured the total economic impact of cyber attacks in APAC at an annual US$1,745 trillion – seven percent of the region’s total GDP.

Thankfully, identity access management is rapidly ascending on the Asia Pacific enterprise shopping list, and APAC accounts for the highest growth rate in the entire global IAM market.

Cyber crime affects every business - large and small - but the larger the enterprise, the more that’s at stake.

It’s vital to keep a finger on the pulse of emergent cybersecurity trends, and here are three that should be high on every APAC CIO’s agenda:

1. Risk-based security is arming enterprises

Recent IBM-backed studies estimate the cost of data breaches to be at around $3.72million each. Most of these breaches involve some sort of phishing, a form of identity theft that has been unswayed by old multi-factor authentication solutions.

The sophistication of these attacks are so high, and so pervasive, that traditional means of security user identity are falling short. 

Using risk-based security and having measures in place to thwart the efforts of cybercriminals is much more effective. 

Multifactor Authentication, Breached Password Detection, and Anomaly Detection are essential pieces of any IAM strategy, and users’ real-time data (including time, location, source device, browser and network reputation) are tracked to rate the security of a login attempt.

If flagged as suspicious, the attempt is red-flagged and these measures are put into place, providing additional layers of protection.  

2. Urgent GDPR-compliant adoption enabled by extensible IAM

“Just like the size of an iceberg, the economic loss for organisations suffering cybersecurity attacks can be often underestimated,” warns Microsoft Asia enterprise cybersecurity group director Eric Lam.

Now, in the wake of the EU’s new GDPR regulations, these economic risks have increased tenfold for companies around the world, with fines of up to 4% annual revenue waving a warning flag.

Obviously, increased identity governance has had to take priority – even in non-EU countries – after the legislation placed identity ownership back into the hands of individuals, empowering them with explicit permission, the “right to forget”, increased transparency, permanency of records, time limits on reporting breaches, and further consequences for companies not complying.

With regulations still evolving (and sure to evolve elsewhere in the market), companies need better (and more flexible) data management tools that help them evolve too - with immediate effect.

So, extensible IAM solutions that help jumpstart identity innovation and enable immediate GDPR compliance are taking centre stage.

Easy-to-deploy access security software enables tech decision makers with a developer/hacker mindset to implement fast and effective measures in their enterprises across all use cases, with the flexibility to expand into any direction.

3. Companies need one-stop shops

As cloud technologies, BYOD, remote work policies, and IoT devices infiltrate workplaces, IDaaS (Identity-as-a-Service) is becoming increasingly popular as a one-stop shop for access management.

IDaaS platforms help secure multiple logins across intricate combinations of legacy and cloud platforms in evolving hybrid enterprises.

Enabling companies to compile myriad access points in one seamless interface is a powerful way of providing oversight over all points of vulnerability, regardless of device or user, and improves the user experience of security management for every person involved.

After all, security is no longer just the responsibility of the CIO or CSO.

Employees have increasing power over their own data, and need to be given the knowledge, support and positive user experience in order to remain on board with solutions and measures that help protect their identities.  

Story image
7 ways you can boost workplace productivity with a quality IT network
The more high-tech your workplace is, the greater your business results.More
Story image
How data warehouses have become the new data lakes for business
While data lakes are great when it comes to storage, they don’t perform well when it comes to analysis and reporting. The vast volumes and multiple formats mean that traditional data warehouse tools are unsuitable and another approach needs to be found.More
Story image
VMware launches application consolidation platform for enterprise
VMware says its vSphere 7 delivers services for the modern hybrid cloud, powering the compute environments for modern applications, AI and machine learning, and business-critical applications.More
Story image
Mentorship key to bringing women into cybersecurity - Microsoft
“Diverse teams make better and faster decisions 87% of the time compared with all male teams, yet the actual number of women in our field fluctuates between 10 and 20%. What ideas have we missed by not including more women?”More
Story image
COVID-19 employment engagement surveys released
Free templates for emergency response employment engagement surveys have been created to help support organisations throughout the COVID-19 outbreak. More
Story image
LINE Corporation chooses Cloudera to advance data and AI powered R&D
LINE Corporation has selected Cloudera to develop its AI technology based business and further empower its Data Science and Engineering Centre (DSEC), thus strengthening its data-driven business objectives.More