High rates of exhaustion and burnout have highlighted the challenges that security practitioners face in trying to keep up with IT environments that are rapidly expanding and extending into the cloud – but with the right approach to automation, one expert advises, companies can reduce this burden while improving their overall security.
That burden comes as contemporary computing environments – which include ever-changing combinations of mobile and fixed computers, network equipment, connected Internet of Things (IoT) devices, smartphones, industrial and other equipment – demand flexible and scalable identity management frameworks that use continuous verification to authorise and grant access to networked resources.
Such decisions can no longer be made at scale and in a timely manner by humans, as in the past – but by adding an automation framework supported by artificial intelligence (AI), Saviynt co-founder and chief growth officer Amit Saha said even the most complex environment becomes possible to manage.
“AI is helping a lot in terms of dialling up or dialling down your security controls based on the type of identity and on your usage patterns,” he explained, “and it’s really delivering a lot of these decisions at scale rather than relying on humans.”
“AI is going to be a copilot for us in terms of helping us make those informed decisions and ensuring that we keep improving the posture and security of our identity perimeter.”
Identity-based security perimeters can be further strengthened by architectural decisions made by infrastructure providers – for example, designing cloud platforms so cyber criminals can’t move laterally across shared infrastructure.
Saviynt’s infrastructure, for example, “is a cloud platform with full tenant isolation,” explained Saviynt senior vice president of strategy Henrique Texeira, adding that “the way we chose to build our infrastructure was the hard way of building it, but the right way.”
Because each client has a separate and isolated physical environment, application architectures “avoid the risks of a noisy neighbour or exchanging information,” he explained – meaning that network, compute, operational data and even large-scale data lakes are “isolated from the rest…. This is a big difference in this cloud type of infrastructure.”
By making the right architectural decisions about identity early on, administrators can enable automation engines to handle day-to-day administration and intervene only when exceptions arise – allowing them to address the nuances of particular identities that emerge as the application infrastructure operates.
“Each identity has nuances in terms of how you secure them, govern them, and manage them,” Saha explained. “It’s about how you build that level of trust so you are confident that when you’re giving access to that identity, that you’re putting in the right controls to ensure that it is being used in the right way – and if it is not being used in the way that it is intended for, you have the ability to take that away.”
