cl-nz logo
Story image

Three access management trends making waves in APAC

08 Nov 2018

Article by Auth0 CEO and co-founder Eugenio Pace

 In an attempt to prevent the growing pandemic of cyber crime, hacks, and breaches, companies are turning to Identity and Access Management (IAM) as a crucial piece of the equation when building or modernising any application or web service.

In fact, a recent industry report by Report Buyer forecasts the world of consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.

This growth comes as no surprise, with a whopping 22 million personal records exposed in the first half of 2018 alone.

In APAC, the figures are even more staggering – 67% of APAC countries suffered job losses as a consequence of cyber attacks in a single year, and recent reports measured the total economic impact of cyber attacks in APAC at an annual US$1,745 trillion – seven percent of the region’s total GDP.

Thankfully, identity access management is rapidly ascending on the Asia Pacific enterprise shopping list, and APAC accounts for the highest growth rate in the entire global IAM market.

Cyber crime affects every business - large and small - but the larger the enterprise, the more that’s at stake.

It’s vital to keep a finger on the pulse of emergent cybersecurity trends, and here are three that should be high on every APAC CIO’s agenda:

1. Risk-based security is arming enterprises

Recent IBM-backed studies estimate the cost of data breaches to be at around $3.72million each. Most of these breaches involve some sort of phishing, a form of identity theft that has been unswayed by old multi-factor authentication solutions.

The sophistication of these attacks are so high, and so pervasive, that traditional means of security user identity are falling short. 

Using risk-based security and having measures in place to thwart the efforts of cybercriminals is much more effective. 

Multifactor Authentication, Breached Password Detection, and Anomaly Detection are essential pieces of any IAM strategy, and users’ real-time data (including time, location, source device, browser and network reputation) are tracked to rate the security of a login attempt.

If flagged as suspicious, the attempt is red-flagged and these measures are put into place, providing additional layers of protection.  

2. Urgent GDPR-compliant adoption enabled by extensible IAM

“Just like the size of an iceberg, the economic loss for organisations suffering cybersecurity attacks can be often underestimated,” warns Microsoft Asia enterprise cybersecurity group director Eric Lam.

Now, in the wake of the EU’s new GDPR regulations, these economic risks have increased tenfold for companies around the world, with fines of up to 4% annual revenue waving a warning flag.

Obviously, increased identity governance has had to take priority – even in non-EU countries – after the legislation placed identity ownership back into the hands of individuals, empowering them with explicit permission, the “right to forget”, increased transparency, permanency of records, time limits on reporting breaches, and further consequences for companies not complying.

With regulations still evolving (and sure to evolve elsewhere in the market), companies need better (and more flexible) data management tools that help them evolve too - with immediate effect.

So, extensible IAM solutions that help jumpstart identity innovation and enable immediate GDPR compliance are taking centre stage.

Easy-to-deploy access security software enables tech decision makers with a developer/hacker mindset to implement fast and effective measures in their enterprises across all use cases, with the flexibility to expand into any direction.

3. Companies need one-stop shops

As cloud technologies, BYOD, remote work policies, and IoT devices infiltrate workplaces, IDaaS (Identity-as-a-Service) is becoming increasingly popular as a one-stop shop for access management.

IDaaS platforms help secure multiple logins across intricate combinations of legacy and cloud platforms in evolving hybrid enterprises.

Enabling companies to compile myriad access points in one seamless interface is a powerful way of providing oversight over all points of vulnerability, regardless of device or user, and improves the user experience of security management for every person involved.

After all, security is no longer just the responsibility of the CIO or CSO.

Employees have increasing power over their own data, and need to be given the knowledge, support and positive user experience in order to remain on board with solutions and measures that help protect their identities.  

Story image
Interview: Equinox co-CEOs on adopting cloud and delivering business value
In the midst of global pandemic and remote working, delivering business value and adopting DevOps and cloud is an even greater challenge. David Reiss and Deane Sloan of Equinox explain how to navigate adoption and security during COVID-19.More
Story image
Interview: Barracuda decision-makers discuss public cloud security
Last month, Barracuda released a report outlining the security barriers organisations must overcome to adopt the public cloud, as studies reveal that security was the top concern for such organisations.More
Story image
HPE NZ posts net profit in FY19 results, improving on prior year's loss
HPE New Zealand has revealed its financial results for the financial year ending 31 October, seeing a net profit when compared to FY18's net loss.More
Story image
Google offers Hangouts features for free in midst of COVID-19
As businesses make the move to work entirely remotely as countries go into lockdown during the COVID-19 pandemic, Google is offering free upgrades on their G Suite for business, providing certain enterprise features for free for the next few months.More
Link image
Frost & Sullivan delves deep into authentication
rost & Sullivan examines the considerations an organisation must take into account when formulating its authentication strategy. More
Story image
Interview: RSA explains security in the epoch of IT disruption
We discussed cybersecurity in terms of how it fits into business continuity, as well as the threat landscape, and what RSA is currently doing to assist businesses that need protection.More