Managing security, access in the cloud

1 March 2015 Access Control & Identity Management

Robert Doswell.
Robert Doswell.

With so much attention currently being given to the cloud, it’s time to take note of an important issue related to the topic: security. As such, although rarely mentioned, there are numerous complications and security implications that come with managing user accounts and access of cloud applications.

Without a doubt, cloud applications can provide tremendous benefits to users and organisations, but doing so should be done cautiously. For example, when several cloud applications are utilised, provisioning, password management and the monitoring of access becomes a challenge, like overlooking or losing track of who has access to what information throughout an organisation.

Because of these simple examples, several security headaches can commonly occur when using cloud applications, but there are simple solutions to solve them.

Account management

Account management in the cloud has many security issues that can become major problems. Creating accounts for cloud applications can be time consuming for both the IT department and the end user. IT has to manually create accounts in each system and application, which can delay users having access for days and not being able to get their work done. Frequently, there are only a handful of people who create accounts for the entire company, which can result in a major bottleneck. The issue is that delegating this task to other employees in the company can be a security issue since they would likely receive elevated rights within the network. As such, the organisation needs to find a way to manage accounts more efficiently without giving several people access to the company’s entire network.

Another cloud security issue is losing track of which employees have access to specific systems and applications. When an organisation begins to use several cloud applications, it becomes difficult to control that the correct people have the correct access. Users may have access to systems and applications that they shouldn’t, leaving the company’s data vulnerable.

Still another major security issue is the disabling of cloud accounts. When turnover occurs in a company that utilises several cloud applications, it is easy to forget to disable the departing employee’s access. This is because of the fact that the employee’s manager has to notify the correct person who then has to manually disable all accounts individually. Leaving an account active can result in a security risk and potential costs, since the ex-employee continues to have access the company’s applications that are paid for on a subscription basis.

There are several ways that organisations can deal with the issues that arise from using cloud applications. One way is with an automated cloud identity management solution. This allows user accounts to be automatically created, modified, enabled or disabled through synchronising with the human resource system. It allows the account manager in charge to easily make changes in one place and have it automatically synchronised to all cloud applications.

Also, to ensure that only the appropriate people have access to the cloud applications with secure information, a role-based access control (RBAC) module can be used. System administrators can then easily control access to the company’s cloud applications on the basis of department or job title in the human resource system. This ensures that each employee has the correct access, even with cloud applications.

As more cloud applications are deployed in an organisation, they need to be able to report who is using what application and system. This can be difficult with many cloud applications and lots of users. A centralised dashboard can be used in an automated identity management solution to easily see an overview of users allowing management to easily review the report for auditing purposes, as well as controlling licence costs.

Password management

In addition to managing accounts, passwords can also be a problem to manage when implementing numerous cloud applications. IT needs to manage passwords for the many users and applications that the company uses. Each system and application has a different set of complex credentials, which are often required to be changed every month or so. How can one person easily remember the five or more sets of credentials they need? The answer is that they don’t – end users often write down their credentials and keep them near their desk so that they don’t forget them. This leaves the company’s network and information on the cloud applications extremely vulnerable.

There is a simple solution, though, that many leading organisations take to handle this dilemma. A cloud single sign-on solution allows end users to use only one set of credentials for all of their cloud applications, which can be based on their existing Active Directory credentials. If for any reason a password needs to be reset, it can be changed in one place, Active Directory, and then be automatically synchronised with all cloud applications. This simple, yet effective, solution allows end users to only need to remember one set of credentials, reducing the chance they will write anything down.

Overall, the cloud is extremely beneficial to an organisation, but attention needs to be paid to the security issues and the management of accounts and passwords. Many solutions offer benefits to end users, IT departments and even management, while allowing IT to have full control over the applications and authorisations without having to spend countless hours on account management. They also ensure that everyone has the correct access to their systems.

For management, audit and compliance is made easier and there is often a reduction in expenses related to the applications and the helpdesk managing them while ensuring that the full benefits of using the cloud are achieved.

For more information go to https://www.tools4ever.co.uk/





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Defending against SIM swap fraud
Access Control & Identity Management
Mobile networks must not be complacent about SIM swap fraud, and they need to prioritise the protection of customers, according to Gur Geva, Founder and CEO of iiDENTIFii.

Read more...
Access Selection Guide 2024
Access Control & Identity Management
The Access Selection Guide 2024 includes a range of devices geared specifically for the access control and identity management market.

Read more...
Biometrics Selection Guide 2024
Access Control & Identity Management
The Biometrics Selection Guide 2024 incorporates a number of hardware and software biometric identification systems aimed at the access and identity management market of today.

Read more...
Smart intercoms for Sky House Projects
Nology Access Control & Identity Management Residential Estate (Industry)
DNAKE’s easy and smart intercom solution has everything in place for modern residential buildings. Hence, the developer selected DNAKE video intercoms to round out upmarket apartment complexes, supported by the mobile app.

Read more...
Authentic identity
HID Global Access Control & Identity Management
As the world has become global and digital, traditional means for confirming authentic identity, and understanding what is real and what is fake have become impractical.

Read more...
Research labs secured with STid Mobile ID
Access Control & Identity Management
When NTT opened its research centre in Silicon Valley, it was looking for a high-security expert capable of protecting the company’s sensitive data. STid readers and mobile ID solutions formed part of the solution.

Read more...
Is voice biometrics in banking secure enough?
Access Control & Identity Management AI & Data Analytics
As incidents of banking fraud grow exponentially and become increasingly sophisticated, it is time to question whether voice banking is a safe option for consumers.

Read more...
Unlocking efficiency and convenience
OPTEX Access Control & Identity Management Transport (Industry)
The OVS-02GT vehicle detection sensor is the newest member of Optex’s vehicle sensor range, also known as ‘virtual loop’, and offers reliable motion detection of cars, trucks, vans, and other motorised vehicles using microwave technology.

Read more...
Protecting our most vulnerable
NEC XON Access Control & Identity Management Products & Solutions
In a nation grappling with the distressing rise in child kidnappings, the need for innovative solutions to protect our infants has never been more critical. South Africa finds itself in the throes of a child abduction pandemic.

Read more...
Understanding the power of digital identity
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
The way we perceive business flourishing is undergoing a paradigm shift, as digital identity and consumer consent redefine the dynamics of transactions, says Shanaaz Trethewey.

Read more...