In the digital age, increasing amounts of data are being shared in new and often unanticipated ways. This proliferation of data, devices and connections brings a set of new security threats. And midsize companies, in particular, are feeling the heat.
While security budgets are often at risk for cuts, recovering from the damage a security breach can cause could cost a midsize much more in lost revenue and productivity. No matter how big or small a business may be, a security glitch is not an option. This is especially the case for midsize companies that operate with tight budgets and limited IT staff.
It has become more important, yet more difficult, to secure and protect critical information and related assets. Whether it’s evaluating the potential risk to the brand, understanding the financial implications of adverse events or assessing the impact of IT systems disruptions on ongoing operations, developing security intelligence – the ability to predict, identify and react to potential threats – is taking on new importance.
However, where large enterprises can rely on large IT departments with dedicated teams focused solely on addressing security concerns, midsize companies often must address the same concerns with far fewer resources.
According to Inside the Midmarket: A 2011 Perspective, security management is the top IT priority for midsize businesses around the globe. And, in the 2011 CIO Study, 60% of IT leaders from midsize firms reports plans to focus more on risk management and compliance as a means of increasing their company’s competitiveness over the next three to five years.
Midsize organizations are adopting social media and cloud services at a faster rate than large enterprises. They also are exploring flexible mobility models, such as Bring Your Own Device. As a result, midsize companies are facing a unique blend of security challenges.
One of those challenges is identity and access management. This is especially a concern for midsize companies trying to make sense of the growing array of IT assets located outside their company controlled network.
Cloud based solutions, social networks and mobile devices are difficult to manage with traditional identity and access management platforms. It becomes even more complicated for midsize firms, which tend to have a broader reliance upon external partnerships for growing their businesses.
VantisLife Insurance Company is one such midsize company. VantisLife has more than $4.2 billion of life insurance and nearly $600 million of annuities in force. 90% of all their business is submitted electronically and customer confidence is critical to their ability to compete and grow. In order to ensure their customers’ confidence in the security of their data, VantisLife decided to conduct a thorough security assessment. That assessment identified exposures in their systems that the company needed to address, specifically in terms of agent authentication and how they access data within the company’s systems.
Developing an in-house solution would have required a major investment in infrastructure. Staffing with the necessary expertise and managerial skill levels would have added pressure on the company’s resources and budgets. And, had they pursued this path, VantisLife was looking at a 4- to 6- month startup window, placing an additional burden on the company’s timeline for growth. To help meet those challenges, VantisLife chose a cloud-based identity access management solution that added significant layers of protection while maintaining ease-of-use for their customers. By eliminating barriers, VantisLife now has the ability to aggressively pursue their plans for growth on a national scale, unlike competitors that try to build-out their legacy systems.
A cloud based identity access management system can drive efficiency, security and compliance for midsize companies looking to integrate diverse external resources.
Midsize companies looking to evaluate their security needs can start with three areas: people and identity, data and applications, and infrastructure.
Regardless of which area you identify as the most vital to your business, there are many solutions spanning security, compliance, and resiliency — and often available for on-site or cloud/hosted deployments — that can help your business protect its vital assets from one year to the next.