The Hybrid IT Authentication Scenario
(Last updated on February 27, 2019)
Hybrid IT is the new normal, fueled by the continued adoption of Software as a Service (SaaS). In the Hybrid IT approach, organizations provide and manage some information technology (IT) resources in-house and use cloud-based services for others. If managed well, the approach is a strategic response that secures infrastructure, delivers cloud-based services from within the safe confines of IT, and helps IT shake off a reputation synonymous with “No.”
Where do I sign up, you ask? There is a good chance your users have already started the process. In a survey of IT and Line of Business employees conducted by McAfee, 80% of respondents admitted to using non-approved SaaS applications at their job. Therefore, the first step is to discover what is already in use and how you can bring it under the IT service offerings. Next, you will need to identify which functions will stay in-house and which will be outsourced. This is where you weigh benefits (economic, agility, efficiency) against drawbacks (security, vendor lock-in/management, integration with existing systems). That means familiarizing yourself with the various vendors, including their stance on access control, data transmission, and storage – all of which are vital to various compliance regulations. Naturally, we will need to apply the compliance perspective to all vulnerabilities, including users – your weakest link.
What happens to user identities and passwords in the Hybrid IT approach? With 63% of confirmed data breaches involving weak, default, or stolen passwords, organizations are heavily reliant on better authentication policies to protect their data. This means multi-factor authentication, which can be realized with the following two options: outsourcing identities to the cloud, or synchronizing identities to the cloud. Both approaches are supported by the popular Identity as a Service (IDaaS) approach, which promises a simplified user experience and centralized identities. Yet the approach conveniently ignores inevitable complications, including replication issues, data conflicts, and a completely new directory to protect against external threats (protected by the vendor – as such, a high level of trust is essential). So, while IDaaS can strengthen your authentication scenario with enhanced policy enforcement measures such as multi-factor authentication, it can also leave you vulnerable – let the recent breach of the OneLogin service be a warning.
Hybrid IT is the first step as organizations migrate internal systems to the cloud over a period of time. As your maturity and understanding of the various cloud services grow, so will your cloud offerings.