The Workforce Identity Trifecta for Southeast Asia

Earlier in the year, Deloitte brought together three leading identity players for a roadshow that went across Singapore, Malaysia, Indonesia, Thailand, and the Philippines.

Ping Identity, SailPoint, and BeyondTrust teamed up for the event to educate the ASEAN region on the latest workforce identity solutions. With over 600 registrants across 5 countries, the roadshow was one of the first times a group of identity solution providers worked together to introduce a full-fledged identity fabric to the ASEAN market.

The roadshow focused on several key modern workforce cybersecurity topics while honing in specifically on the notion of the “identity trifecta.” Other topics of the roadshow included Zero Trust, as well as important workforce cybersecurity trends in the ASEAN region.

Whether it be Southeast Asia or another part of the world, cybersecurity threats are evolving at an unprecedented scale. In turn, IT teams have tough jobs in dealing with increasingly sophisticated cybercriminals, while also being asked to do “more with less.” When it comes to identity solutions, IT teams are often forced to choose between best-in-breed tools that don’t integrate, or platforms that try to do it all - but wind up hampering flexibility.

In order to meet rising security concerns, the topic of cybersecurity mesh architecture is a common theme among IT teams today. Cybersecurity mesh architecture is broken into four key components:

1. Operations Dashboard Layer

2. Policy and Posture Management Layer

3. Identity Fabric Layer

4. Security Intelligence layer

Of the four components of cybersecurity mesh architecture, the identity fabric layer took center stage throughout the ASEAN roadshow.

The Identity Fabric Layer

In cybersecurity mesh architecture for workforces, the identity fabric layer plays a key role in regulating employee access within an organisation. Within the identity fabric layer lies the 3 key elements of the workforce identity trifecta: Identity Governance and Administration (IGA), Identity Access Management (IAM), and Privileged Access Management (PAM).

To bring it back to the ASEAN roadshow, Ping Identity, SailPoint, and BeyondTrust each specialise in one core component of the workforce identity trifecta. Importantly, both SailPoint and BeyondTrust are valuable members of the Ping Identity Global Partner Network.

Throughout the roadshow, each of the 3 companies discussed the importance of IGA, IAM, and PAM while also highlighting the need to integrate their solutions with other technologies in an end-to-end capacity.

1. Identity Governance and Administration (IGA)

    

   IGA is the first part of the workforce identity trifecta. SailPoint took the lead on this topic in the ASEAN roadshow. As SailPoint explains, IGA “is at the center of IT operations, enabling and securing digital identities for all users, applications, and data. It allows businesses to provide automated access to an ever-growing number of technology assets while managing potential security and compliance risks.” In other words, IGA providers like Sailpoint keep track of who has access to what in an organisation.

    

2. Identity Access Management (IAM)

    

   IAM is the next critical element of the workforce identity trifecta. Ping Identity took the lead in the portion of the ASEAN roadshow. In the most basic sense, IAM solutions ensure that the right people (identity) have access to the right resources at the right times, for the right reasons (access management). Generally speaking, Ping Identity provides technology and services that manage whether the person/device asking for access at any moment should be granted said access.

    

3. Privileged Access Management (PAM)

    

   The final piece of the workforce identity trifecta is PAM. Our partner BeyondTrust oversaw this facet of the ASEAN roadshow. As BeyondTrust explains, “PAM consists of the cybersecurity strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes, and systems across an IT environment.” Simply put, PAM providers such as BeyondTrust manage what privileges should be granted to different users within an IAM network.

Ping Identity, SailPoint, and BeyondTrust all agree the best way to implement the workforce identity trifecta is not with a set of tools that don’t integrate or an inflexible single provider, but with an integrated end-to-end solution. Ping and our Global Partner Network have everything you need to keep your organisation secure while also staying within budget. In fact, our integrated end-to-end solutions allow you to capitalise on the best parts of different service providers. By working with Ping and our Global Partner Network, you get the flexibility needed to scale your business as you see fit, without sacrificing security along the way.

Zero Trust was another important topic on the ASEAN roadshow. While technological solutions like IGA, IAM, and PAM are a great start for boosting your security efforts, you also need to consider your overall approach to cybersecurity. For example, how will you ensure your security can keep pace with new technologies and the constant drive for IT teams to do more with less?

For identity solution providers like Ping Identity, Zero Trust is quickly becoming a mantra to live by. Deloitte puts it this way: “A Zero Trust implementation is much more than a technological implementation, it is also a business and cultural transformation that is dependent on culture, communications, and awareness.” In fact, we believe that the only way to keep pace with new technologies and sophisticated cybercriminals is to implement Zero Trust across the board.

Zero Trust is the new standard in security that assumes nothing in a network is safe, so it is constantly monitored and assessed. Key benefits of Zero Trust include a strengthened security posture, simplified security management, and improved end-user experiences.

While on the ASEAN roadshow, the teams from Ping Identity, SailPoint, and BeyondTrust also touched on important cybersecurity topics and trends for the region.

Zero Trust for Banking in Malaysia

As seen throughout the rest of the world, Zero Trust is becoming an increasingly important topic for banks in Malaysia. As Bank Negara Malaya (BNM) is now allowing financial institutions to use cloud services, banks have more options for implementing Zero Trust initiatives with leading identity providers like Ping.

With the new Cloud Technology Risk Assessment Guidelines (CTRAG) outline from BNM, local banks can use cloud-based providers to support identity initiatives as long as the vendors are certified, reputable, and of strong financial standing. In furthering their support of Zero Trust in Malaysia, BNM is also loosening restrictions on data sovereignty. Over time, BNM realised that the risk of data leaving the country is far less than it would be with using outdated technology and security practices.

The team at Ping Identity is excited by these new efforts from regulators to drive Malaysian financial services into the next era.

Reducing Risk in Hybrid IT Environments

As seen in most other parts of the world, operations in the ASEAN region have been struggling to keep hybrid IT environments secure. Since hybrid IT environments combine on-premise servers with cloud-based technologies, they are particularly hard to protect.

In order to reduce risk in hybrid IT environments, it's important to centralise access with identity specialists like Ping and our Global Partner Network. While many businesses are tempted to utilise a third-party data storage provider like Microsoft Azure AD, this can be challenging if you are operating in a hybrid IT environment.

While Azure AD offers many perks like increased uptime and stronger security, many of these benefits only apply if you operate in the cloud 100% of the time. If your operation still utilises on-prem servers, you could get wrapped up in a complex Enterprise Agreement with Microsoft that might hinder flexibility in the future. As such, using an integrated end-to-end solution like those provided by Ping and our partner network is a more surefire bet moving forward.

New Personal Data Protection Act (PDPA) Rules in Thailand

Another important point of conversation in the ASEAN roadshow was the recent PDPA rules that were passed in Thailand. As the ASEAN Briefing website explains, “Thailand’s first-ever law on personal data protection” came into effect on “June 1, 2022 … The law outlines the obligations for businesses regarding the collection and processing of personal information.”

The PDPA in Thailand and the Philippines regulates the type of personal information your employees are allowed to see. If you are a Thailand-based company, remember that consent is a two-way street between staff, customers, partners, and APIs. When it comes to protecting people’s personal information, Zero Trust is always the best policy.

Never Trust, Always Verify

Throughout the ASEAN roadshow, we also promoted the best employee verification practices at each stop. Importantly, electronic Know Your Customer (eKYC) principles and technologies should be utilised for staff, contractors, and temp workers. Even if people are working remotely, you should regularly check people’s ID cards. Ping Identity, SailPoint, and BeyondTrust also encourage you to routinely reset information and access to critical data so you can prevent insider threats.

In the ASEAN region and beyond, workforce cybersecurity requires diligent practices like Zero Trust, as well as robust, flexible technological solutions. The best way to implement the workforce identity trifecta of IGA, IAM, and PAM is with an integrated end-to-end solution.

Ping Identity and our Global Partner Network have everything you need to provide your workforce with secure and flexible identity security. Ping provides scalable and convenient identity solutions, without sacrificing security.

Contact sales today to learn more!