Virtualization Technology News and Information
Axiomatics 2018 Predictions: What's to come in Enterprise Security

VMblog Predictions 2018

Industry executives and experts share their predictions for 2018.  Read them in this 10th annual series exclusive.

Contributed by Gerry Gebel, vice president of business development at Axiomatics

What's to come in Enterprise Security

Every year enterprise security is evolving to deal with newer, more sophisticated security threats. In 2017, we saw many organizations adopt big data technologies, begin to move toward a microservices approach to break down large applications and work toward scalable compliance with new and changing regulations. These trends transformed the enterprise security landscape, and in 2018 they will continue, along with these evolving trends:


For far too long, IT has operated separately from business units in the enterprise. Breaking down organizational silos has been a challenge for IT leaders that are seeking better ways to support business initiatives. DevSecOps (or Development, Security and Operations) has emerged as a new way for cross-functional teams to work together. The DevOps approach is aimed at bringing new application services to production faster than legacy change control practices. With DevSecOps, security also has a role to play in ensuring that continuous delivery practices also embrace good security practices. Security measures like Attribute Based Access Control (ABAC) can also be automated within DevSecOps processes to secure access to APIs, microservices, big data, and other application systems.

Securely Sharing Data

As organizations rapidly produce more data and continue to adopt big data systems, it has become crucial to shield personally identifiable information (PII), sensitive personal information and intellectual property while also being able to securely share information that is vital to business processes.

Organizations are shifting to a policy-based approach for access control, to securely disseminate information among departments, partners, and with customers to ensure that only those who are authorized to see sensitive information can view it.

Advanced Monitoring and Reporting

Increasingly, organizations are looking to implement advanced monitoring and reporting to help identify internal security threats and find culprits within an organization. By using data analytics, machine learning, and AI, organizations can identify anomalies that would otherwise go unnoticed by humans, helping to eliminate internal security threats. ABAC systems provide a wealth of activity log data that is used to enhance reporting and monitoring systems.

The Journey Toward Securing the Cloud

The move to the cloud is well underway, with many organizations adopting a "cloud-first" approach. Enterprises are moving, or in the planning stages, to move their entire infrastructure to the cloud, presenting a need for cloud-native security products and capabilities. An important security layer is access control to cloud hosted data and other business resources, preferably using an ABAC model. ABAC systems run in the cloud, are used to secure cloud resources, and can be operated as a service - giving maximum flexibility to cloud-first enterprises.

Regulatory Compliance

Regulatory compliance has always been a challenge within the security industry, but with GDPR around the corner, a new regulation has been added to the compliance landscape. ABAC can help meet and manage the new regulations by providing centralization of access control, efficient change management, and enforcement across the enterprise.

Everyone is a Consumer: Customer Identity and Access Management (CIAM)

A great customer experience is one way organizations can set themselves apart from their competition, but a data breach can immediately destroy the customer experience and a company's reputation (Think: Uber, Target, etc.). CIAM is about striking a balance between customer experience and security, and does not require organizations to sacrifice one for the other. CIAM allows organizations to securely capture and manage the customer identity while profiling data and controlling customer access to applications and services. This delivers a flawless customer experience while minimizing the chance of a security breach.

Role Based to Attribute Based (RBAC to ABAC) Access Control

Role Based Access Control (RBAC) was formalized as a standard in the 1990s and has served as a means to manage access for multiple decades. However, as business applications have become more complex and collaboration across a wide range of users is now required, RBAC has given way to Attribute Based Access Control (ABAC) as the preferred approach. ABAC provides the most flexible, dynamic, and comprehensive authorization model, which meets the demands of modern enterprises.

Every year new technologies are going to bring new challenges as well as opportunities to organizations across every industry. As new technologies generate more and more data it becomes increasingly difficult to share securely. As organizations continue to shift their infrastructure to the cloud, more organizations will be on the search for cloud native security products. An ABAC model should be every organizations' first line of defense, especially in the digital age. ABAC can help organizations securely share information, prevent insider threats and help scale to meet regulation standards.


About the Author

Gerry Gebel 

Gerry Gebel is the vice president of business development at Axiomatics. He is responsible for sales, customer support, marketing, and business development for the Americas region. In addition, he contributes to product strategy and manages partner relationships.

Before joining Axiomatics, Gerry was vice president and service director for Burton Group's identity management practice. He covered topics such as authorization, federation, identity and access governance, user provisioning and other identify management (IAM) topics. In 2007, he facilitated the first ever XACML interoperability demonstration at the Catalyst conference.

In addition, Gerry has nearly 15 years' experience in the financial services industry including architecture development, engineering, integration, and support of Internet, distributed, and mainframe systems.

Published Tuesday, January 16, 2018 7:42 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2018>