Industry executives and experts share their predictions for 2021. Read them in this 13th annual VMblog.com series exclusive.
The Rise of Machine Identity, Zero Trust & Open Banking
By
Jasen Meece, CEO of Cloudentity
In 2020, enterprises in every sector faced massive
disruption during the pandemic and the challenges sped up innovation in many
areas. Now, it's evident that the way the workforce operates will never be the
same as pre-COVID. Therefore, we need to be thinking about what implications
this massive shift will have on securing the enterprise and protecting employee
and consumer data in 2021.
In addition to changes in the workforce and business
operations, COVID-19 had a significant impact on consumer behavior. Now,
consumers rely on mobile apps like Slack and Microsoft Teams more than ever
before to do business and have switched over to primarily using apps for
important functions in their personal lives, such as banking and healthcare. Consumer
demand for easy-to-use apps has led to a global increase in the development of
APIs for open banking and open healthcare apps, and this momentum will continue
over the next few years. Putting all of this into consideration, below are five
enterprise technology predictions to prepare for in 2021.
In 2021, A Zero Trust Framework is No Longer Optional for
Enterprises
There's no doubt that COVID-19 and the shift to remote
work have accelerated Zero Trust adoption in the enterprise. In 2021 and the
following years, implementing a Zero Trust approach will become essential to
protecting every enterprise, regardless of industry. This is due to the
increasing volume of cyberthreats that organizations and individuals face on a
regular basis, and human error remains one of the top causes of security
breaches. In fact, roughly one-quarter of all data breaches are caused by human error, with the
average cost of $3.92 million for each breach, according to a report from the Ponemon Institute. As a result of this growing issue, the Zero Trust Model
will become the new standard, in which all users, even those inside the
organization's enterprise network, must be authenticated and authorized before
being able to access apps and data.
The Rise of Machine Identity for AI Bots
Today, we interact with bots more than ever before,
whether it's customer service chatbots or the AI on our devices, like Siri and
Alexa. These bots are used for real-time decision making to automate processes
that were previously done by humans. For example, bots have automated the
retail return processes for companies like Amazon. However, it becomes more
complicated for enterprises to manage the identities of automated bots,
especially when they are interacting with other bots at machine speed. The
identities of bots must be managed and protected by the enterprise, similar to
employee and customer identity, so that data isn't compromised. This is
important for CIOs and security leaders to keep in mind, because using bots for
automation purposes will open new attack vectors if those bots' APIs are
hacked.
New Data Regulations, like CPRA, must be Enforced at the
API Level
After CPRA passed in November 2020, many other states and
countries may follow suit in implementing data and privacy laws to give
consumers control of how their personal data is being used. However, enforcing
regulations like GPCR, CCPA and CPRA needs to start at the API level. When it
comes to managing consumer and employee identity, APIs are a key leg of the
identity stool, dictating how the app handles user data, identity governance,
and who has access to privileged data. It will be much simpler for companies to
ensure they are compliant with these regulations if their APIs are updated or
built from the ground up. On the flipside, if federal officials monitor and
enforce these data laws at the API level, it will be evident which parts of the
app's code must be altered to comply and avoid large fines.
Gen Z Will Lead the Shift to Open Banking
In 2021, we will see significant international growth in
the open banking industry as it democratizes financial services. In recent
years, Europe has been the center of a new movement towards customer-centric
banking using open banking to build new consumer banking apps, but open banking
is gaining momentum in the U.S. as well with Venmo and SoFi. Now, Gen Z has
grown up using opening bank apps to manage their personal finances and transfer
large amounts of money, rather than traditional banks. As a result, we will see
an influx of software companies being founded with the purpose of creating a
new method for digital-first consumers to do banking. To keep up with the
growing demand for these easy-to-use digital banking solutions, banks have now
embarked on the same journey by introducing similar types of mobile apps
designed to make customers' financial lives more productive and seamless.
Open Healthcare Will Require New Security Standards by
July 2021
A Fortune CEO survey showed that 77% of CEOs reported that the COVID-19
crisis accelerated their digital transformation plans and that 40% are spending
more on IT infrastructure/platforms. This goes for the healthcare industry as
well. Amid the pandemic, it's crucial that hospitals and other medical
facilities can exchange medical data and patient records quickly and privately,
but with the number of ransomware attacks hospitals have fallen victim to this
year, this process needs to be kept completely secure. The urgent need for
secure healthcare data-sharing has led to an increase in open healthcare APIs
being developed, but there are still strict compliance
guidelines and regulations that must be followed for patient
medical data by July 1, 2021. With open healthcare on the rise, we're seeing a
shift from developers facing interoperability and compliance burdens, to an
innovation opportunity that can power the digital patient and clinician
experiences these unprecedented times demand.
##
About the Author
As the CEO and a board member of Cloudentity, Jasen Meece is a dynamic
results-oriented executive who leverages technology products and services to
achieve business value-based transformation efforts. He
has over 20 years of leadership experience in IT driving both internal and
external facing organizations.