Special thanks to Rex Thexton and Dan Mellen for their collaboration and contribution to this blog post.

Over the past year, many organizations have accelerated their cloud use to take advantage of its elasticity, efficiency, innovation and savings. But there is one lingering hesitancy recently underscored by new Accenture research: Security.

When this generalized cloud security concern is coupled with the potential complexities of SaaS, on-premise data centers and hybrid/multi-cloud environments, organizations' commitment to cloud may waver. That's unfortunate—and unnecessary, thanks to the answers (and relief) provided by modern identity and access management solutions. The appropriate identity solution can play a key role in a safe and secure journey to the cloud and will keep providing value as companies continue operating in the cloud. 

Get identity right and security will follow

A modern identity and access management solution can be one of an organization's strongest security controls when it comes to protecting access to cloud, including IaaS, PaaS and SaaS. But the 'modern' part is critical. Most legacy digital identity processes and tools lack the scope and the capability to secure access to the cloud, let alone also securing access to the entire digital and physical landscape. Compounding these issues is a tendency to try to combine fragmented digital identity tools and processes, which in turn increases cost, increases risk and introduces friction into the user experience.

<<< Start >>>



<<< End >>>

Unfortunately, in my experience, a large majority of organizations are still struggling to provide even the most basic, scalable digital identity capabilities. This has led the organizations to make tough decisions to leave behind their digital identity teams and try to implement their own services. This may increase the organization's total cost of digital identity, raises risk because of lack of consistent centralized control and provides a fragmented user experience fraught with friction. This doesn’t need to be the case. 

Digital identity need not be daunting

With some prudent actions, digital identity can enable an organization’s safe journey to the cloud and beyond. Organizations should consider:

  • Assessing their current security posture and digital identity maturity. Identify gaps and establish a business-aligned architecture and roadmap that ties into your organization’s cloud security reference architecture.
  • Understanding who has access to what. Use AI and Machine Identity Governance and Administration (IGA) solutions to understand all the processes across your organization that control access. Use these process guidelines to monitor your cloud and other data centers to clean up risky access and prevent entitlement creep.
  • Leveraging digital identity SaaS tools to help remediate identified gaps and modernize. Use open identity standards to integrate current digital identity processes and tools with digital identity SaaS to enable efficient returns on investment. Put a plan in place to retire legacy identity access management (IAM) tools that are holding your organization back.  
  • Using multifactor authentication (MFA) as a minimum standard for authentication.
  • Protecting the cloud’s many channels of access, from web and APIs to command line utilities—with MFA access controls.
  • Treating cloud credentials, roles and IAM policies lifecycle just like privileged and human administration accounts. This includes approval to gain access, vaulting credentials, monitoring access and periodic access reviews. Every action should be tied back into the organization’s identity lifecycle management processes.
  • Establishing zero trust access processes, where trust is continuously verified and established for every device, user, compute, network appliance and request.
  • Employing real-time monitoring and response. Digital identity tools should provide resiliency and help detect autonomous access in real-time, preventing attacks from escalating. 
Get digital identity right and multiple benefits will follow

Implementing a mature digital identity capability can enable the business, reduce friction and increase digital adoption. This path enables organizations and individuals to help interact securely and without friction, providing a good user experience while likely reducing time and cost savings, and delivering risk reduction.

For more information on digital identity, please visit www.accenture.com/digitalidentity.

 

Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.

Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this article is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.

Copyright © 2021 Accenture. All rights reserved.

Damon McDougald

Managing Director – Accenture Security, Global Digital Identity Lead

Subscription Center
Subscribe to Security Blog Subscribe to Security Blog