Broadcom Raises the Bar on Identity Security

By Vadim Lander, Identity Security CTO & Distinguished Engineer

Even before the era of digital transformation, a central pillar of enterprise security was Identity Security, which focuses on access to digital information or services based on the authenticated identity of an individual. But in this emerging era of multi-cloud, where organizations can no longer depend upon a single web perimeter, companies face a changing constellation of challenges and must find new ways to access disparate resources, while doing so with high degree of security to maintain the integrity of their enterprise. That is where Broadcom’s Identity solutions come in.

Identity in general is an area that is integral to everything customers do when building products and services or interacting directly with their customers. Everything you do requires your identity to be known at various levels of assurance: logging into a computer, banking transactions, cell phone apps, etc.  So as our customers introduce new products and services, their Identity and Security capabilities must foster those business goals while keeping their organization secure.

A Professional Journey 

I have been helping enterprises secure their most mission critical web applications through Identity Security for 25 years, starting with architecting the SiteMinder Web SSO technology with pioneer Netegrity.

Since then, it’s been an exciting journey, with the acquisition of Netegrity by CA and dramatic market expansion into Adaptive Identity – the process of tailoring each customer authentication to the specifics of the request. Along the way, I worked on Oracle Cloud and Oracle Cloud Identity, and ultimately came to Broadcom to work on the next generation of Hybrid Identity Security. Throughout the journey, I have partnered with great folks around the world, helped enterprise customers succeed, and driven a lot of innovation into our Identity products with a sizable number of patents issued.

Innovation Is the Future

We’re at a crossroads now as businesses deal with increasing cyber threats while implementing omni-channel, digital transformation and hybrid initiatives. Last year, approximately 61% of breaches involved credentials or identities. But as Broadcom’s CEO and President Hock Tan has noted, our innovations have helped tackle these and other major challenges facing our customers, partners and the industry.

Broadcom has a reputation for technical excellence with a broad assortment of core technologies across the design space from silicon to software – the world really is Connected by Broadcom. (Truth be told, each time I buy a router, I make sure it includes a Broadcom chip because as an engineer, I trust the company’s development prowess and technology!) 

Securely connecting identities to their apps ultimately is what Identity and Access Management (IAM) does – while managing the different, sometimes competing, goals of doing so securely, ensuring user satisfaction, enabling business while ensuring operational continuity, and meeting compliance goals.

Even before our customers started their digital transformation initiatives, we’ve been observing the challenges of hybrid IT needing to adequately secure omni-channel heterogeneous access via policy-based controls – Any Identity, Any App, Any Time. A number of realities in the areas of digital transformation, hybrid IT and frictionless access have converged to create a perfect storm for traditional Identity solutions trying to keep up with enterprise needs.

Raising the Bar on Identity

Innovation doesn’t take place in a vacuum. It relies on knowing what customers need. That’s why Broadcom is constantly talking with our customers to better understand their goals and issues as they undergo the process of digital transformation.

We’ve taken the collected learnings from that collaboration to better direct our R&D efforts — where our spending outpaces revenue growth by nearly 50%. We’ve incorporated knowledge of customer needs and aspirations into our development life cycle, and as leading practitioners of Identity ourselves, we obviously have a lot to say about how these dots need to be connected. 

We are on the front lines helping our customers address their specific pain points and needs with new software capabilities. We continuously tap the reservoir of expertise across Broadcom’s engineering teams to deliver new value to meet our customers’ evolving demands when it comes to IAM.

A Better Identity Security Architecture

As the process of digital transformation began to accelerate a couple of years ago, it became clear to us that enterprises would need a modern, integrated and open Digital IAM architecture to securely operate their businesses while managing risks and complying with regulations.

As we set out to develop this for our customers, we realized that it was necessary to weave identity and security into a proverbial fabric of applications and application infrastructure to meet the modern requirements of the enterprise. Our goal was to make sure that our software customers would be able to securely manage identities and access throughout their organizations as they uptake hybrid IT to implement digital transformation projects. 

As companies integrate their supply chain, consumers can now go to their websites to understand what is happening with orders and gain an up-to-minute view of what’s taking place. That capability wasn’t available a few years ago. Today it’s possible because suppliers can treat identities in the same way, regardless of whether someone is interacting via a web channel, a mobile channel or an interactive voice response system. And to make that seamless view possible, identity is the key component.

This is where Broadcom’s Identity Fabric Security Services Platform comes in. It delivers the style of identity architecture aligned with new requirements posed by hybrid IT and digital transformation requiring the following:

• Building it to cloud-native specifications to ensure fit with modern deployment practices — immutable, containerized, zero-down time micro services deployable to incredibly scalable and resilient Kubernetes platforms
• Using open standards to ensure seamless and cost-effective enterprise architecture for hybrid IT
• Ensuring 100% API-first and highly extensible functionality for weaving Identity into any application environment and enterprise architecture
• Accommodating contextual policy infrastructure to keep up with changing business and security conditions in the areas of authentication, authorization and administration
• Enabling seamless silo-less integration of Identities and Apps, using patterns such as BYOI, JIT, Security Events and others

Extending IAM Infrastructure

Elsewhere, our work has resulted in extending our IAM infrastructure to maximize reuse and ensure business continuity. Customers are now able to integrate with existing session and audit management infrastructure to gain a more comprehensive view of session and audit trails across existing and new application ecosystems. And our work has allowed us to further leverage existing identity stores already containing user and group populations. 

These are just a few of the many benefits our customers are reaping as we innovate our digital IAM architecture. This Identity Fabric approach has since become a “must have” architecture for Identity.

Our customer, Prabakaran Mohanan, IDAM Architect and Lead at Optus Telecommunications says this about their experience working with Broadcom and our Identity products:

“We selected the VIP Authentication Hub from Broadcom Software, because it was a logical modernization enhancement to our existing SiteMinder installation. In Australia there was a mandate to provide consumer users with an MFA solution and the timeframe was short so we engaged with our existing software partner. Once we realized that they had a modern solution for us, we were successful in integrating the solution in less than four months, including new apps and extending our existing SiteMinder Web SSO. The Identity Fabric approach also meant we were also able to use the same solution with our mobile apps. And being a cloud-native architecture underpinned by Kubernetes it proved to be very scalable in dealing with our 10 million+ customer base from the very beginning.”

And with more enterprises moving to a Zero Trust footing, more enterprises will be able to take advantage of Broadcom IAM business services to both become more agile and better cater to their customer’ needs.  

We’re also bringing innovation to the Mainframe security to advance TopSecret and ACF2 with the Identity Fabric technology to support the latest federal passwordless mandates, MFA initiatives, and hybrid IT objectives.

This is the kind of secure and scalable Identity architecture that enterprises need as they compete in a fast-evolving digital era. Broadcom is proud to innovate these solutions for them.

To learn more about Broadcom Identity solutions, visit us here.

About Vadim Lander:

Vadim is a recognized IAM expert having architected, developed, and led multiple, highly scalable IAM solutions to become industry leaders. At Broadcom, Vadim is focused on evolving IAM to meet the needs of the world going digital.