Access management in a cloudy, mobile world
- {{x.value}}
{{ twilioFailed ? 'SMS Code Failed to Send…' : 'Enter verification code' }}
{{ completedStep1 ? 'Authentication & Security' : content.trialHeading.replace('{0}', user.FirstName) }}
{{ content.upgradeHeading.replace('{0}', user.FirstName) }}
The email address you entered is registered with InvestSMART
Please login to continue
We have sent you an email with the details of your registration.
Looks you are already a member. Please enter your password to proceed
{{ upgradeCTAText }}
Updating information
Please wait ...
Your membership to InvestSMART Group recently failed to renew.
Please make sure your payment details are up to date to continue your membership.
Having trouble renewing?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
You've recently updated your payment details.
It may take a few minutes to update your subscription details, during this time you will not be able to view locked content.
If you are still having trouble viewing content after 10 minutes, try logging out of your account and logging back in.
Still having trouble viewing content?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
Please click on the ACTIVATE button to activate your Intelligent Investor 15-day free trial
Please click on the ACTIVATE button to finalise your membership
Unsuccessful registration
Registration for this event is available only to Eureka Report members. View our membership page for more information.
Registration for this event is available only to Intelligent Investor members. View our membership page for more information.
- You are already registered for this event.
- This event is already full.
- Please select a quantity for at least one ticket.
- {{ i }}
Forgotten password
Please enter your email address below to request a new password
- Verify your email address by clicking on the link we sent to {{user.Email}}
- You now have free access, we look forward to helping you on your financial journey.
User access management is a recurring topic of discussion with customers and partners. Two major trends transforming industries today – mobile and cloud – are acting as catalysts for a renewed focus on this critical area of security.
As mobile devices proliferate at a staggering pace, enterprises see a rich new channel through which to reach customers. Enterprises are also realising that a much larger set of employees want to use mobile devices – which can enhance individual productivity as well as generate business value.
We’re in the BYOD era, where secure access to enterprise resources is key for all mobile deployments. Secure mobile access has some unique requirements:
1. Since mobile devices are shared more often it’s important to authenticate both the user and the device before granting access.
2. To mitigate the threat of man-in-the-middle attacks, emphasis must be placed on strong session management capabilities.
3. The risk of granting access to the user based on their context (time, network, location, device characteristics, role etc) needs to be determined so appropriate counter measures can be taken. This risk calculation can help select the appropriate authentication scheme(s), identify corresponding authorisation policies to enforce, and provide the user with information on security best practices. Additionally, threat protection from access requests needs to identified and countered to protect against mobile-borne attacks.
In the past few years, organisations have had growing economic incentives to source their technology services from cloud based providers – from software, to platforms, to infrastructure.
Cloud deployments help organisations improve time to value for delivering new services or content, while also avoiding capital expenses. As an organisation employs cloud-based solutions, or launches its own cloud offerings, secure access needs to be a top security consideration.
To improve user experience, a robust single sign-on solution that enables secure federation of identities across domains becomes critical. Some organisations are beginning to employ third-party identity providers (i.e. Google, Facebook, LinkedIn) to authenticate the user. However, first consider if the identity provider has been compromised.
A cloud access management solution needs be able to assess the risk of a specific access attempt based on security events related to the user. In cloud environments a flexible policy management and enforcement infrastructure (for authorising access) grows in significance in order to adapt to dynamic interactions with cloud services for cost management and compliance.
Over a year ago, IBM leadership began a concentrated effort to address these new requirements in the IBM Security Access Manager (ISAM) solution for cloud and mobile, which now enables context-aware access control to help organisations assess the risk of each interaction and adapt accordingly.
The risk of an interaction may motivate the use of different forms of authentication schemes or provide the user with differentiated authorisation to data or services. To compute the risk the user’s device and the application can be taken into consideration.
Jason Burn is the business unit executive of IBM Security Systems Australia and New Zealand.
Call 1300 880 160
Start a chat
Schedule a call
