Cloud applications are a target
As organisations continue to adapt in the current circumstances, the cloud is becoming a crucial component of business continuity and success. However, a lack of understanding about the right security needed to protect data in the cloud could act as a barrier to robust cloud adoption and the effective digital transformation needed to enable employees to work securely from home. When expanding in the cloud, organisations should adopt a Zero Trust model to enforce controls at the access point and ensure that data is encrypted.
According to the findings of the 2020 Thales Access Management Index – Asia Pacific and Japan Edition, over half of respondents from the region believe that cloud applications (57%) are the biggest targets for cyber-attacks. This trend is mostly attributed to the increasing volume of cloud applications in use (58%), while inconsistent security protection across cloud (57%) and a lack of strong cybersecurity solutions to implement appropriate protection (56%) are also key factors.
Access management solutions are mitigating cyber threats
For the vast majority (96%) of organisations in the APAC region, security policies around access management have been influenced by breaches of consumer services over the last 12 months. Nearly all (99%) IT decision makers in the region believe that having control over who has access to data can contribute to their organisation’s ability to comply with data protection regulations. As a result, organizations are implementing an access management capability, whether an on-premise identity and access management (IAM) solution, identity-as-a-Service (IDaaS), smart single sign-on solution, or cloud SSO.
Ineffective cloud access management has wide scale implications for almost all (99%) organisations, such as increases in operational overheads and IT costs, inefficient use of IT man hours, and large scale breaches due to a lack of cloud visibility. Hence, implementing effective cloud access management solutions will not only keep the organisation secure but it will save much needed time and money.
However, securing the cloud does not come without its challenges. The vast majority (98%) from the APAC region believe there are challenges to cloud-based security and authentication. The management of such a solution, integration with other systems, performance implications and total cost of ownership were indicated as challenges when selecting an access control solution. The right solution needs to be easy to manage and use, integrate seamlessly with other systems and be cost effective.
Smart SSO and two-factor authentication on the rise
Two-factor authentication (64%) is reported as the best access management tool when it comes to protecting cloud and web-based applications. Even though some might not be using it now, the majority have plans to start using or expand their use of two-factor authentication in the future. Smart SSO is the most likely solution being considered by organisations.
Nearly all (98%) IT decision makers in the APAC region would like to see smart Single Sign-On (SSO) used within their organisation, to date these solutions are currently being used by over half (55%), with almost two in five (40%) planning to use them in the future. This isn’t surprising considering that the benefits of using smart SSO, including the prevention of data breaches and ease of use.
Zero Trust security is critical
As businesses continue to adapt operations in this pandemic world, the circumstances forcing many to work from home are inherently increasing the security risks, at the same time as threats related to hijacking of credentials, as cyber-attacks continue to expand. Therefore, the focus should be on the importance access management plays in implementing a Zero Trust security policy. With this in place, risk management professionals will be able to put in place a ‘Protect Everywhere – Trust Nobody’ approach as they expand in the cloud.
When IT professionals are in the process of selecting an Access Management and Authentication solution, they should consider the following:
- Efficiency and deployment
- Automation
- Authentication and token flexibility
- Ability to access all apps and cloud services
- Smart SSO for optimal security and convenience
- Provision of flexible policiesTransparent licensing models
For more key findings, download the 2020 Thales Access Management Index – Asia Pacific and Japan Edition and join our webinar “Access Management and Authentication Trends in the Asia-Pacific Region” Ton 18 November.