Article by Ashley Diffey, Ping Identity Manager for APAC and Japan.

Australian businesses face a growing array of sophisticated cyber threats aimed at breaching networks, stealing data and causing disruption. Consequently, many are looking for new ways to secure their IT infrastructures.

One approach that is gaining more and more attention is cloud identity and access management (Cloud IAM). Cloud IAM is a security framework used to verify users and control their access rights to digital resources.

In addition to protecting public and private cloud-based resources, the policy can also offer protection to those located in on-premises infrastructures. It allows users to authenticate from any device at any time and access the applications and data they need.


According to a study by UK team Digital Shadow Photon Research, the average person currently uses nearly 200 services that require them to enter passwords or other credentials. The group’s research revealed that 15 billion stolen credentials enabling account takeovers were available on the dark web.

These credentials included username and password pairs for online banking, social media accounts, and music streaming services. Ensuring that these compromised credentials cannot be used by cybercriminals to access corporate resources is an essential part of any solid cybersecurity strategy.

Undertake a Cloud IAM strategy

Cloud IAM provides two of the critical components of access management: authentication and access control. It allows a company to authenticate users wherever they are and provide secure access to resources across cloud, SaaS, on-premises and APIs.

At the same time, it can increase network speeds as well as infrastructure agility and efficiency. A more flexible and scalable alternative replaces the limitations and costs associated with on-premises IAM with Cloud IAM in place.

When organizations choose to adopt this strategy, the two most common starting points are authentication and access security.

Authenticating individuals to ensure they are who they say they are is not a new concept. For example, banks have long required proof of identity before customers can withdraw cash, while bar staff require young-looking customers to verify their age. Authentication takes this process online, with several forms of proof required for added security.

Meanwhile, access security is all about ensuring that the right people have access to the right resources and nothing more. Even verified users can pose a threat to a business. Therefore, the principle of least privilege ensures that access is limited to what a user needs to protect sensitive information. For example, you don’t want customers to have access to employee-only resources or all employees to have access to personnel records maintained by the human resources department.


A Cloud IAM strategy can deliver a range of key benefits. These include:

• Respond to cloud-centric mandates:
  Digital transformation strategies are a priority for many organizations. Cloud IAM increases deployment speeds because the implementation is hosted in the cloud rather than on-premises, which would require investments in equipment and personnel.
• Reduced IT infrastructure costs:
  With a growing proportion of people continuing to work from home, IT teams must manage more applications, resources and devices. On-premises IAM may be insufficient for this, and costs can be significantly reduced by using an identity-as-a-service (IDaaS) or managed cloud provider for Cloud IAM.
• Improved flexibility and scalability:
  IAM solutions deployed on a cloud platform are available “as a service” from the provider’s private cloud or as software deployed in the organization’s private or public cloud. Cloud IAM solutions are also flexible and easy to scale for new users.
• Enhanced security:
  Cloud IAM also bolsters security with features like two-factor authentication (2FA) and multi-factor authentication (MFA) that reduce reliance on passwords. 2FA and MFA verify a user’s identity using multiple authentication factors.
• Improved user experience:
  Single sign-on streamlines the login process and makes it faster and easier for users to access the resources they need. Cloud IAM solutions are available to customers, employees, and partners. From customers looking for a frictionless login experience on e-commerce sites, to employees trying to get their jobs done using multiple apps throughout the day, using a single set of user information. identification saves time and frustration.
• Increased productivity:
  Most employees need access to a range of applications every day to complete their jobs. When these employees are required to create new accounts for each and use multiple passwords, productivity decreases. By minimizing the time spent on logins, Cloud IAM can help these employees access the resources they need faster and with less friction.

It’s clear that Cloud IAM has a lot to offer organizations of all sizes. By improving security levels while improving the usability of systems, it can help increase productivity at all levels. Consider how Cloud IAM could help your organization in 2022.

Article by Ashley Diffey, Ping Identity Manager for APAC and Japan.