Identity & access management the focus of Dell’s new security approach

LAS VEGASDell wants to move the impression the market has of its security portfolio beyond the SonicWall firewall product. And as it builds a security portfolio that integrates all its solutions from data centre to endpoint, and identity and access management will be at the heart of it.

In an interview with IT World Canada on the eve of Dell’s annual Peak Security conference, which has doubled in size this year, Dell executives said they see a greenfield opportunity around identity and access management (I&AM) and it’s an opportunity they plan to pounce on.

Bill Evans, senior director of product marketing at Dell Software, came to the vendor through its acquisition of Quest Software. That acquisition helped form the base for Dell’s I&AM portfolio, which Evans said includes three broad areas: governance, privilege management and access management.

“We’re bringing all these technologies together: privileged accounts now integrate with the firewall, and two-factor authentication integrates with SonicWall,” said Evans. “We’re starting to roll out these integration points.”

An example of the sort of solutions the integration of Dell’s security portfolio can allow centres around the Dell Security Analytics Engine, which does risk scoring in real time when a user requests access to the corporate network. It notes if you’re logging in from a corporate or non-corporate network, whether you’re using a corporate-approved device, where you’re located, the time of day and more. A risk score is sent to Dell Cloud Access Manager, which can make a real-time authentication decision.

“So if I’m logging in Sunday from Las Vegas, it may decide that I have the right user name and password so we’ll implement setup authentication and ask me for a one-time token,” said Evans. “But if I’m logging in from 1:00 AM from North Korea, it may lock me out.”

The solution uses Dell One Identity Cloud Access Manager, geo location information from SonicWall, Dell Defender for authentication, and a readily available blacklist – Dell SecureWorks have that integrated. Lockout is a policy decision; administrators set the policies and what happens based on the risk score.

While security is often seen as a priority for the IT department and something to be tolerated by business users, Dell is pitching its I&AM portfolio as a tool for business enablement tool.

“When users are burdened with onerous security hurdles they’ll find a way around it. The ability for this technology to give IT the ability to turn the security knobs up and down in real time is the real benefit,” said Evans. “If a customer can just use their user name and password nine times out of 10, the one-time 10 they need to use a one-time token they’ll understand. I&AM is a discipline fueled not just by security, but business efficiency and productivity.”

Dell sees a real greenfield opportunity around identity management said Timothy G. Brown, a Dell fellow and executive director for security in the Dell Software group. It took Dell by surprise, but he said the customer lists of the major players in the space, such as IBM, Oracle and CA, don’t extend much below the Fortune 1000. Brown said even many state governments don’t have identity management solutions in place.

“Privilege management should reach the point of being good security hygiene. You should never give anyone access to your root or your Oracle admin. It’s bad for them and bad for the company,” said Brown “We’re seeing a lot more instances of targeted phishing attacks against individuals with this access, and these are the worst attacks in terms of financial loss and damage to the company. And they’re becoming more common.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Jeff Jedras
Jeff Jedras
As an assistant editor at IT World Canada, Jeff Jedras contributes primarily to CDN and ITBusiness.ca, covering the reseller channel and the small and medium-sized business space.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now