The Tech Herald

2012 Predictions: Compliance and Access Management

by Steve Ragan - Dec 8 2011, 18:00

2012 Predictions: Compliance and Access Management

Continuing our series on threat predictions for 2012, The Tech Herald presents a list of things to consider over the next year, from two different sources, focusing on access management and compliance.

Subhash Tantry - CEO of FoxT

In 2012 enterprises will continue to use multiple solutions for access management until the management burden on IT becomes unbearable. This will force adoption of centralized, automated platforms that can cover granular access control policy management and enforcement across diverse IT infrastructures.

In 2012 policy management for access controls will become a greater problem as organizations will continue to be held financially accountable for failed audits across increasingly complex IT infrastructures. In order to meet compliance requirements, new technologies will be required to centrally manage and enforce access and use of enterprise resources across mobile devices, physical and virtual services, and newly adopted cloud solutions.

In the coming year, insider threats exploiting Windows server and desktop access will increase as organizations struggle to control local accounts.

The increasing complexity of regulatory policies and IT infrastructures will drive IT managers to explore the use of attribute or roll-based access management techniques for enforcing and managing user access to enterprise data.

Many organizations this year deployed cloud solutions for anytime-anywhere accessibility. Unfortunately for many, the purchasing decision was rushed and without a more complete evaluation of how access policy and compliance enforcement would function in the cloud. We believe organizations in 2012 will deploy more granular access management technologies to prevent unmanaged employee access in the cloud.

Michael Hamelin - Chief Security Architect for Tufin Technologies

2012 will be the year of continuous compliance - in other words, organizations will see the value in implementing the ability to track changes to their compliance posture in real or close to real time, as opposed to referring back to a single point in time based on their last audit (e.g., prove they maintain their compliance posture in between quarterly PCI audits.)

As a result, investing in automating the audit process will be top of project lists for 2012, which will result in many organizations adopting more mature and effective processes for managing compliance.

Organizations who are not bound to the need for direct regulatory compliance standard will still adopt standards like PCI DSS as a methodology to create a robust network security framework.

Next Generation firewalls will continue their strong adoption by mid-to-large-sized organizations. The need to craft and manage more complex rules, combined with the need to demonstrate continuous compliance, will accelerate the demand for automation.

Once organizations start implementing their own controls to demonstrate compliance, dependence on third party auditors will decrease.

Around the Web

Comment on this Story

comments powered by Disqus


New Volvo XC90 Videos

We have added some video of the new 2014 Volvo Xc90. The much anticipated SUV has finally be...

2014 Volvo XC90 Details

Volvo have unveiled the much anticipated new version of their SUV the Volvo XC90. Popular wi...

2014 Volvo XC90 Pictures

We have added some great pictures of the all-new Volvo XC90. Volvo have finally launched the...

Stephane Roncada Joins MX vs. ATV Supercross Team

Former Kawasaki factory rider and 250cc East champion Stephane Roncada has joined the team d...

2015 VW Jetta Prices

Volkswagen have released  pricing for their 2015 Jetta model. The German manufacturer h...