7 Tenets of Successful IAM (webinar)
SailPoint CTO and CISO Darran Rolls discusses the seven tenets of a successful IAM program in this informative webinar (59:15)
7 Tenets of Successful IAM (webinar)
Bringing Identity to Enterprises of All Sizes
There is a massive transformation happening across the globe as every business leverages the power of technology to keep themselves competitive.
This digital transformation has had vast implications to the speed of business, but it has also made managing users and resources significantly more complex. Modern business environments are more open and interconnected than ever before. Employees, contractors, suppliers and business partners need to access company resources from a variety of devices and locations.
VIDEO – THE 7 TENETS OF SUCCESSFUL IAM (SAILPOINT)
[embedyt] https://www.youtube.com/watch?v=XDgE0IGRmgI[/embedyt]
Start With The End In Mind: Blog #8 – Salvage or Replace an Existing Provisioning System
(Source: SailPoint Technologies, Inc. Identity and Access Management Buyers Guide)
Many organizations have a legacy user provisioning solution that no longer meets their needs, doesn’t do what the vendor promised it would, or more importantly, in the case of several products, including Sun Identity Manager and BMC Identity Manager, will no longer be supported in the future. Do you find yourself facing any of the following issues with your existing provisioning solution?
- Your project is behind schedule and over budget
- You lack the necessary coverage for applications
- Your provisioning product is being “retired” and must be replaced
- You have compliance weaknesses related to ineffective off-boarding processes, entitlement creep, SoD violations, and more
Now is the time to address those issues and migrate away from your legacy provisioning platform. Invest in a technology that will address your current provisioning challenges, improve your overall identity and access management strategy, and integrate with what you have in place today. Look for a solution that will provide your organization a smooth transition and allow you to take a non-disruptive, stepwise approach while making the most of your existing investment as you transition to a next-generation solution. The new solution must also be able to balance core user provisioning requirements — add, change, delete user accounts and password management — with user-friendly interfaces and processes that empower business users to request and manage access on their terms. Finally, and most importantly, it must offer an integrated approach to IAM. Governance and compliance should be handled as an integrated activity within your identity infrastructure, not as a separate process.
Check back for the conclusion and next steps in the Start With The End In Mind blog series
Visit SailPoint Technologies, Inc. here.
Learn more about PathMaker Group IAM MAP here.
Start With The End In Mind: Blog #6 – Eliminate Audit Deficiencies and Improve Audit Performance
(Source: SailPoint Technologies, Inc. Identity and Access Management Buyers Guide)
Identity management is a focal point for IT audits and one of the areas most commonly flagged for ineffective controls. During many Sarbanes-Oxley (SOX) audits, weak identity controls often receive negative audit findings in the form of control deficiencies or material weaknesses.
Here are some of the most common identity risks auditors are looking for:
- Orphan accounts: Access that remains active for employees or contractors after termination due to failure to remove privileges
- Entitlement creep: The accrual of privileges over time through transfers, promotions or other changes in roles resulting in employees with access beyond their job requirements
- Separation-of-duty (SoD) violations: Inappropriate access resulting in excessive control over business transactions or the ability to perform conflicting duties
- Poorly managed privileged user accounts: Anonymous accounts that are typically the domain of privileged users are managed using manual processes and are very difficult to audit
- Lack of visibility into access by job function: Business users struggle to interpret technical IT data to make business decisions about what access is required to perform a specific job function.
If you’ve failed an audit due to weakness around any of these identity risks, we have good news. The right identity and access management solution will improve your visibility into risky or noncompliant areas and automate your processes for managing these risks. An enterprise-wide view of your identity data can help you to effectively analyze risk, make more informed decisions and implement the appropriate controls in an automated and more sustainable fashion. Further, aligning user access with job functions through an enterprise role model can strengthen user access controls by providing valuable business context around how specific sets of access map to the underlying business function being performed by an individual. The result? Less chances of negative audit findings or failing another audit. More chances of seeing audit performance improve over time.
Check back for blog #7, Lower the Cost of Compliance
Visit SailPoint Technologies, Inc. here.
Learn more about PathMaker Group IAM MAP here.
Start With The End In Mind: Blog #3 – Increase Business User Productivity
(Source: SailPoint Technologies, Inc. Identity and Access Management Buyers Guide)
Whether you’re using identity management for internal users (employees and contractors) or external users (partners, agents, customers), you want to implement technologies that reduce the burden of accessing business services. Having the right identity and access management strategy can reduce internal costs and improve productivity, but it can also contribute to revenue growth and profitability, as more and more “users” are business partners, agents or customers. As IT becomes more “consumerized,” all types of users expect quick, convenient access. And that access is no longer limited to logging in from a corporate laptop or PC — today’s workers want access anytime, anywhere, via any device. Every minute that a user has to spend retrieving a lost password or having the help desk reset a password is an unproductive minute — and when you multiply the growing number of applications by the amount of time wasted, the high price of inconvenience becomes pretty clear.
“I can’t keep up with the incoming requests for managing user access across the organization. There’s got to be a better way!”
“Our business users have to remember so many passwords, they’re writing them on yellow sticky notes in plain view.”
Here are some questions you should consider as you plan your strategy to ensure your IAM solution delivers convenience and improves user adoption and productivity:
- Do you make it as simple as possible for new users to register and begin using your business services — even if they have no prior relationship with your organization?
- Can users request new access from a self-service tool without having to call the help desk?
- Do you provide simple password reset capabilities for users who have forgotten their username and passwords?
- Do you offer users a streamlined and personalized single sign-on experience for all the applications, regardless of where they are hosted or how employees access them — via a desktop, laptop or mobile device?
- Do you use risk-based authentication to ensure that low-risk transactions are as easy as possible, but high-risk transactions require more assurance?
Check back for blog #4, Manage Access Across On-premises and Cloud Applications
Visit SailPoint Technologies, Inc. here.
Learn more about PathMaker Group IAM MAP here.
Start With The End In Mind: Blog #2 – Speed Delivery of Access to Business Users
Speed Delivery of Access to Business Users
(Source: SailPoint Technologies, Inc. Identity and Access Management Buyer’s Guide)
Given the fast-paced and dynamic environment of business today, IT organizations are challenged to keep up with the demand for identity and access management services, and to do so in a compliant manner. Business users cannot wait days or weeks for access to systems required to perform their job duties. Similarly, organizations cannot tolerate huge gaps in deprovisioning access when a user changes positions or is terminated. Changes to user access must be performed in near-real time, while remaining a controlled and auditable process that is visible to the business. The current state of IAM in most organizations makes it almost impossible to provide consistent and effective service levels to the business due to the following challenges:
- Heavy use of disparate manual access request and change processes
- Lack of end-user participation and visibility into identity management processes
- Ad hoc methods for dealing with external identities and their access rights
- Growing number of cloud-based applications that are managed outside of IT
- Help desk staff that is over-burdened with access request and password resets
What organizations need is an easier, more cost-effective way to deliver access to the business. With the right self-service tools, business users can manage their own access, from requesting new accounts or roles to recovering forgotten passwords, using intuitive, business-friendly interfaces. In addition, today’s user provisioning solutions offer easy-to-configure options for automating the entire access lifecycle of a user based on event triggers from authoritative sources — to minimize the need for manual changes. By providing an integrated approach that leverages business-friendly self-service access request tools and automated lifecycle event triggers, identity and access management can streamline the delivery of user access across your organization while continuously enforcing governance rules and compliance policies. It also empowers business users to become an active participant in the identity and access management process, enabling them to manage their own access and passwords while providing them with full visibility into active requests, thereby reducing the workload on help desk and IT operations teams.
Be sure to read blog #3, Increase User Productivity, about implementing technology that reduces the burden of accessing business services.
Visit SailPoint Technologies, Inc. here.
Learn more about PathMaker Group IAM MAP here.
Start With The End In Mind: Blog #1 – Identify Priorities and Establish Clear Goals
Identify Priorities and Establish Clear Goals
(Source: SailPoint Technologies, Inc. Identity and Access Management Buyer’s Guide)
Identity and access management is a strategic imperative for organizations of all sizes. Companies ranging from large, multi-national enterprises to smaller, fast-growing businesses must address requirements to protect and govern access to critical applications, systems and databases whether in the cloud or on-premises. Identity and access management plays a critical role in enabling organizations to inventory, analyze and understand the access privileges granted to their employees — and to be ready to answer the critical question: “Who has access to what?” At the same time, today’s enterprise demands faster and higher levels of service delivery across an increasingly diverse and dynamic environment:
- There are growing populations of external users, such as partners, agents, and customers, that need access
- New users come on board daily, requiring immediate access to enterprise resources
- Users’ responsibilities change, or their relationships with the enterprise end, and access must quickly be modified or revoked
- Users want fast, convenient access resources anytime, anywhere using smartphones and tablets
- Some applications and users represent a higher level of risk to the organization than others and require more focus
For IT staff, the challenge becomes how to meet service-level demands while identifying and managing high-risk activities, enforcing policy and security, maintaining stringent controls and addressing compliance requirements. Because there are many different business drivers for identity and access management, you may wonder how and when to put the different components of a solution in place. The answer depends on your business priorities and the immediate challenges facing your organization. To get started, step back and assess your most urgent issues. Do you understand what you want your solution to help you achieve? Here are some common business goals that can help you determine your own unique priorities:
- Speed delivery of access to business users
- Increase business user productivity
- Manage access across on-premises and cloud applications
- Reduce the cost of managing access change
- Eliminate audit deficiencies and improve audit performance
- Lower the cost of compliance
- Salvage or replace an existing provisioning system
Be sure to read blog #2, Speed Delivery of Access to Business Users, for more detail about the business drivers for identity management — the goals organizations most frequently hope to achieve with their implementation.
Visit SailPoint Technologies, Inc. here.
Learn more about PathMaker Group IAM MAP here.
