Embed Size (px)
Citation preview
Security for the App Economy
Building a strong root system for your business
Information security is now about growth, not just protection.The traditional approach of keeping information locked down in closed systems stifles growth and innovation. The business becomes root-bound.
A new survey shows the app economy is driving the need for a whole new approach to security:• 83% view security as critical to protecting the
brand and is a competitive differentiator • 81% say security needs to be frictionless so
users are not burdened with onerous security requirements• 76% say they have had to completely re-think
their approach to security due to digital transformation
Research from a survey of 1,770 IT and business leaders (including 106 CSOs/CISOs) in 21 countries and 10 vertical sectors, Coleman Parkes, May-June 2016
Identity-centric security provides a strong root system for a growing business.Identity-centric security uses context, behavioral analytics and predictive analysis to ensure users of digital platforms are who they claim to be.The goal is to create trusted digital relationships so people can access a company’s data on the device of their choice, anywhere, anytime.
But few organizations have any sort of “green thumb” for identity-centric security.82% agree that identity-centric security is critical to digital transformation.Yet the research shows only 25% of respondents could be considered advanced users of identify-centric approaches to security:• Advanced: 25%• Basic: 64%• Limited/none: 11%
Advanced users of identity-centric security are seeing a bumper crop of business results.More Secure:Twice as many advanced users have seen a reduction in data breaches as compared to early-stage users – 41% versus 21%.43% have seen a reduction in compliance audit failures.
More Growth:47% report new business growth.45% experienced improvement in customer satisfaction or net promoter scores.
Here’s how to use identity-centric security to put down strong roots for your growing organization.
1. Make identity your perimeter. Users are now your security boundary, and you need to know that they are who they claim to be and that they can only access the information and services they should. Combine risk-based authentication with analytics-based approaches to assessing identities.
“Using more devices increases security risks. Keeping data inside the organization is one thing; allowing it to be used anywhere is different, as you’re relying on the personal responsibilities of the individual. Security controls have to be put in place to protect users’ information.”- Deputy CIO, UK government organization
2. Treat security as a business enabler.
In the app economy, security is meant not just to reduce risk. It also enables new business growth.Build business performance indicators into your security metrics.
83% say they need to balance strong security with enabling the business.
3. Focus on creating trusted digital relationships.The greatest assets you have are the digital relationships you build with your individual customers. They need to trust that you understand their needs and are protecting their identity and data as seamlessly as possible.
“Security has to become more user-friendly, without sacrificing its robustness. The key is to ensure you can identify whether a user is a customer, employee or hacker; safeguard customer and employee data; and make sure that transactions aren’t impaired.”-- VP – Technology & Compliance, US banking organization
4. Protect experiences, not just data.Customers, partners, and employees expect robust, yet frictionless, security with streamlined interactions and quality experiences.Only 25% of respondents say they have consistent, cross-channel, cross-device security.
“There is a tug-of-war between robust security on one hand, and customer and employee interfaces on the other.” VP – Technology & Compliance, US banking organization
5. Take an adaptive approach to identity and access management. Controls that can be adapted in response to risks can offer a significantly improved user experience. Only 11% of respondents have such controls in place.
“Identity and access management will be the main security concern in the future.”Marketing Director, European telecoms provider
6. Be proactive and predictive. Use advanced analytics to fend off security risks proactively.
Only 16% use a predictive approach that can anticipate breach risk before it occurs.
41% of advanced users of identity-centric security have seen a drop in data breaches, double the number of basic users.
7. Don’t compromise security for speed.It’s more important than ever to ensure that security is built-in right from the start, not compromised at the end. Consider using a DevSecOps approach to address security considerations early in the development process.
68% of respondents admit they sometimes trade-off security for time-to-market for new apps.
Strong roots support rapid growth. Cultivate your organization with identity-centric security.To learn more about using identity-centric security to build trusted digital relationships with your customers, download the report “The Security Imperative: Driving Business Growth in the App Economy” at www.ca.com/rewrite
CA copyright notice
“Research from a global survey conducted by Coleman Parkes and sponsored by CA technologies, May-June 2016”
Download Now
