Cyber security remains a key problem for businesses large and small. One key weakness in many organisations is identity protection within online environments, as staff members and ex-staffers continue to be a major area of cyber security risk for organisations. In a bid to improve the security of firms in the area of identity management, Capgemini launched an IaaS cloud-based offering.
UK organisations continue to suffer from cyber security breaches. A recent PwC survey finds that nine in ten (90%) large organisations and 74% of small organisations are affected. The costs of such intrusions have been increasing year on year. For large organisations costs now come in at a little under £1.5 million to £3.14 million, while for small organisations the range starts at £75,200 and goes up to around £310,800. Recently, large scale infiltrations of consumer goods companies and financial institutions by hackers have resulted in the loss of a large number of consumer records, including the 76 million records stolen from JP Morgan Chase and the 145 million customer records copied from eBay’s database.
Organisations and their boards are starting to take the issue more seriously, implementing different techniques – such as a more active defence strategy – to provide a means of protecting the organisation’s records and reputation. Consulting firms too are on the case, with a number of high profile acquisitions of capabilities within the cyber security arena. Examples include IBM’s partnership with AT&T to provide mobile cloud solutions, Capgemini’s launch of a cyber-security centre in Wales, PwC’s partnership with US-based cyber security firm Tanium and Skyhigh Networks, Aon’s engagement with the EU’s Horizon 2020 initiative to tackle cyber-crime, and EY’s deal with Mycroft.
One key area in which businesses are found to be at risk is their own personnel and the way they log in. Phishing-attacks as well as people calling up to pose as workers that have lost their passwords are ways in which systems can be compromised. A recent PwC report further highlights that the biggest cause for concern remain current employees, accounting for 34% of incidents, former employees (29%) and current service providers/consultants /contractors (22%).
One way to increase the safety of computer networks is to improve the identity management of customers and employees operative on a network. Strong identity management can allow a business to differentiate itself, by providing consumers and employees a meant to securely and easily reach their data from any device via many different networks, applications, and multiple channels. One player in the field, Capgemini, has created a new IaaS (Infrastructure as a Service) cloud-based offering to improve identity management – thereby boosting network security. The service aims to use a highly scalable ‘as a service’ approach, which integrates identity governance, identity administration, risk-based authentication and context-aware authorisation to create a “unified identity and access management (IAM) solution.” As part of the delivery of the service, Capgemini is leveraging RSA Via Lifecycle and Governance technology, which allows security decision-makers to provide individual users access to resources permitted to them, without compromising security, compliance or agility.
“With cyber security becoming increasingly complicated, companies and users are looking for simplicity without jeopardising themselves or their data. When it comes to identity, one of the most fundamental security issues, services have traditionally been fragmented and overseen by multiple providers causing a disjointed user experience,” explains Franck Greverie, Global Head of Cyber Security at Capgemini Group. “Capgemini’s IDaaS offering takes away the complexity of identity security, bringing critical components together in one managed package to deliver a more seamless process for both user and operator.”
Jim Ducharme, Vice-President of Engineering and Product Management at RSA say: “Capgemini’s approach to identity management marries identity, security and compliance into a single portfolio of solutions that can easily scale to meet the demands of customers’ complex IT environments. The working relationship between Capgemini and RSA offers customers a fast track approach to a next generation IAM solution that quickly responds to evolving business needs without sacrificing security and compliance.”