May 25, 2024

Binary Blogger

Are you a 1 or a 0? News, Thoughts and Reviews

Identity and Access Management Is More Than A Phrase

2 min read

I have been in the Identity and Access Management (I&AM) space for 10 years now. Designing, implementing and managing Identity Lifecycle and Access Management solutions. Solutions that provide the end to end security protection for your applications and data… if they are implemented right. Just because you have an Identity Management system, a Web Access Management system, a Role Management system does not mean you are going to see the benefits from any of those.

If you buy a German Shepard to protect your house is it any safer? Not unless you know how to properly train and take care of that tool. A crude analogy but accurate. Just because you have the tool does not mean you can wield it. 
For years I have seen, first hand, Fortune 500 corporations to small companies struggle with managing their IT Identities, not computer accounts, but Identities. Very few actually succeed to the level that you hear about in conferences and seminars. Why? There is too much brochure buzzword excitement that turn into text book tactics without analyzing the reality of the environments to plan on how to the end goals. There is no formula for success that can be cut and pasted across the board, you need to know where you are to know how to get where you are going.

I&AM is not something that will be solved with technology alone. If you try to you will fail. You can have the best product set in the world and it will fail miserably if that’s all you rely on. I&AM is a way of life. The tools take that way of life and adapt to it. The only changes you should be making in the business processes is removal of redundant, useless, or non-value add steps. Provisioning is 10% of what a true I&AM should provide. Business logic, processes, approvals, workflows, reporting, auditing, access requests, segregation of duty policies and enforcement and instant terminations. This is how you should be managing your Identities, through the life cycle, start to finish and everything along the way.

Anybody can create an automated script to create, or provision, an account. Big deal. Take your corporation’s policies and processes to make that happen automatically ensuring enforcement, that’s Identity Management. Then based on that Identity and Role dictates the access they receive.

Too often companies get hung up with the technical accounts rather than the business identity.

Sometimes technology is not intended to be the driver, but the enhancer to your business.

End of Line

Please follow and like us:
Pin Share
Copyright © All rights reserved. | Newsphere by AF themes.

Enjoy this blog? Please spread the word :)

  • RSS
  • Follow by Email
  • Twitter
    Visit Us
    Follow Me
Follow by Email
Visit Us
Follow Me