Working from home, staying secure: 14 Identity & Access Management tools to deal with the coronavirus fallout

My Post (16).pngWith record numbers working remotely during the COVID-19 crisis, CIOs and CISOs must look at how to maintain identity and access securely across a dispersed network

 

The coronavirus pandemic has overturned normal ways of working. Many office workers will be based at home for the coming weeks, if not months, and are already having to reassess how they accomplish their daily tasks. While staying connected to colleagues is now easier than ever, remote working brings more challenges than just bored children and over-excited pets – especially when it comes to cybersecurity.

We are long past the days when an office was the extent of a secure network. Today, security experts agree that identity management is the true digital perimeter, ensuring that only trusted parties can enter the corporate network.

Identity and access management (IAM) tools tend to be embedded in a business, and changing them is not as easy as switching between Skype and Zoom as a preferred platform. However, making sure you have the right solution for your needs is critical, and there has never been a more appropriate time to reassess your existing supplier.

In this article we cover some of the most popular IAM tools in the UK today. They cover a variety of areas and while most have the same basic functionality, many will specialise in a certain area or be more suitable to a certain type of business.

We will assume that your company has already laid the groundwork for remote working, with policies to support the practice and an analysis of expected traffic and risks – such as freezing password expiry limits and establishing a VPN if needed.

After getting the basics in place, it is time to look at IAM tools themselves. Requirements will vary depending on factors like company size, and others like solution price and vendor support will also come into play. Here are some of the elements to consider when looking for a new IAM solution.

Features to consider

  • Product features: multi-factor authentication (MFA), single sign-on (SSO), role-based access control, etc.

  • Ease of use

  • Compatibility with existing IT

  • Policy controls

  • Management of on- and off-boarding

  • Deployment options – on-prem, cloud, hybrid, hosted

  • Data migration ability

  • Identity data consolidation from multiple sources

  • Protection of identity data (and, related, the end-to-end security of the solution)

  • Supported standards/membership of standards bodies

  • Integration with third-party applications

  • Extensibility and scalability

  • Product roadmap

Delta

Delta is Computing’s technology market intelligence service, which distills the opinions and experience of thousands of IT leaders. We have put together a special three-month trial for access to all research to help with business continuity at this challenging time, for the price of a cup of coffee per team member per day. Click here to request a demo.

Microsoft

Microsoft’s Active Directory (AD) is widely adopted for IAM, even though it is not a traditional IAM tool; rather, it is a collection of services that help administrators manage users and devices on a network.

AD integrates with nearly 3,000 business apps, including Salesforce, Box, Workday and Office 365. Customers can run AD on-prem, in the cloud (Azure AD) or in a hybrid deployment.

The cloud version of the app has several important differences to standard Active Directory: for example, it doesn’t include Microsoft’s Group Policy or DNS. Customers often use standard AD and Azure AD together to extend an on-premises AD solution to the cloud.

AD features a directory called the data store, which contains information about network objects like servers and user accounts. It uses logon authentication and access control to these objects to manage security. Through this architecture, AD enables single sign-on to data store objects (including for external users), multi-factor authentication, privileged access management, identity governance and other methods of IAM.

As well as the data store, AD includes many more ways to work with objects in the directory, including rules to define their classes and attributes; a catalogue of information; and a replication service to distribute data across a network.

Microsoft splits Azure AD into four pricing tiers: free, Office 365 Apps edition, Premium P1 and Premium P2. The Office Apps edition is bundled into O365 E1, E3, E5 and F1 licences, explaining AD’s massive user base. Price for the Premium editions starts at £4.47 per user per month.

Delta respondents said that AD had many areas of strength, especially its password and employee lifecycle management. They praised its integration into existing infrastructure, and added, “Seamless user experiences are key, and Microsoft does this so well at present.” They also felt that Microsoft’s resources would enable further development. However, costs were a weak point and said to add up “very quickly.” Microsoft shows little flexibility in this area. – Read more

Learn More About Microsoft, Google, Amazon Web Services, RSA, Oracle

 

Use these 6 tips for better video calls while working at home

My Post - 2020-03-17T100924.569.pngCOVID-19 continues to affect our communities in a variety of ways. For many, working from home is a new reality. In response, Google has rolled out free access to our advanced Hangouts Meet videoconferencing capabilities to all G Suite customers globally until July 1, 2020. Here are a few tips from our Head of G Suite Product Marketing on how to have productive video calls. This piece originally appeared on The Keyword.

 

In the life of a working mom or dad, flexibility is key. And in the life of a sometimes-work-from-home working mom, technology is the reason I can be flexible. Sometimes my kid gets sick, or I need a plumber to come fix the toilet. I’m lucky to have a job that lets me work remotely in an age where videoconferencing is an acceptable way of staying on track with the day’s meetings.

But videoconferencing isn’t always easy. The kids climb on you, the dog barks, there’s background noise … you get the idea. I’ve had some embarrassing moments and made plenty of mistakes, but I’ve learned a few things along the way. Here are my tips for successful videoconferencing from home.

When you’re on a call, give some thought to what’s around you, such as the backdrop.

Tip 1: Choose the right environment

When I want to talk through a complex issue or brainstorm ideas, video calls are more efficient than chat or email. They also help me get to know teammates in different time zones. But when you’re on a call, give some thought to what’s around you, such as the backdrop. Choose a plain wall, and avoid windows that will provide too much backlight. And if you’re using a laptop, put it somewhere steady. I once did an entire video call with my laptop on my, well, lap, and at the end the other participant told me that the subtle wobbling of the screen was extremely distracting.

Tip 2: Invite anyone, anytime

Videoconferencing doesn’t always have to be scheduled; if you’re in the middle of a too-long email conversation, you can instantly set up a meeting and invite people within or outside of your organization to join. Hangouts Meet automatically creates international dial-in codes so people can call on the phone from anywhere, and you can invite people via a Google Calendar event, by email, or by phone. Check out our help center to get started. – Read more

Learn More About GSuite