Apparently, many enterprises still view security and innovation as opposing forces that need to be chosen between or—at best―balanced. Reading a recent CIO article titled, “Hacked companies still prioritize innovation over cybersecurity“, it became clear to me that it’s common to view occasional (and occasionally catastrophic) security breaches as a price companies have to pay for staying competitive in the application economy.
From the perspective of someone who works at a company that offers security solutions specifically designed to enable software-driven business models, this could seem beside the point. But it makes a kind of sense. Say you’re trying your hand at bungee jumping. Sure, you’ll use all the required safety equipment but you still accept there’s at least a tiny bit of risk involved in such an exciting (literal) leap into the unknown.
However, if you stopped to think about it, you might realize that the safety equipment isn’t something that reduces risk in a bungee jump―it’s what makes the activity possible in the first place. Like the kind of security solutions I mentioned above, it’s a custom-designed technology that makes behavior which would otherwise be utterly reckless (relatively) safe. After all, you wouldn’t use just any kind of rope and harness in this situation.
So the question should not be: How do I balance security and innovation in the application economy? Instead, you should ask: What specific security technologies will enable my organization to succeed? This may seem like a subtle difference, but it is certainly a significant one. The CA eBook How Can Security Help Me Grow My Business? provides four specific examples that illustrate the importance of this distinction.
Open up With Secure APIs
To succeed in the app economy, companies need to make their on-premises systems available to customers, partners and app developers. APIs are now widely used for this purpose but a successful API program requires specialized security technology to ensure these Web-based interfaces aren’t misused. Publish one without the proper security measures and you’re likely to find your whole API program shut down after the inevitable breach.
Enable the Anywhere Office
As well as offering new ways to engage customers, the application economy creates ways to maximize employee productivity. Mobile devices and the Web make it possible to build an “anywhere office” using apps that give employees access to mission-critical systems, wherever they happen to be. Again, this can only succeed if the correct security measure are in place―specifically, strong identity and access technologies.
Make App Access Seamless With Single Sign-On
The anywhere office will only contribute to productivity if employees actually use the apps you create for them. And user adoption isn’t a given. If users need to access more than one tool, dealing with multiple logins and constantly tapping in a variety of username/password combinations can be a deal breaker. Thankfully, leading security vendors now deliver single sign-on to enable seamless, one-time login across a range of applications.
Optimize the Customer Experience
Passwords aren’t just a pain for employees―customers don’t like them either. To engage customers with apps, you’ll need a seamless access flow that still protects customer data and your critical systems. Advanced security systems now include a range of multi-factor and risk-based authentication measures that create an access experience which is simultaneously more secure and more user-friendly than the traditional username/password method.