Intelligent CIO APAC Issue 16 - Page 42

FEATURE : IDENTITY AND ACCESS MANAGEMENT

A CIO SHOULD CATEGORICALLY REFUSE TO ADOPT ANY SOLUTION THAT SIMPLY FOCUSES ON ACCESS ADMINISTRATION .

How can an Identity and Access Management solution boost compliance ?
An identity-centric foundation helps organizations comply with stringent compliance whether it be meeting data privacy regulations , government regulations and industry standards while earning your users ’ trust and enabling you to personalise your user ’ s experiences through the provision of data governance and consent management . achieve greater velocity in developing applications , integrating systems and delivering results .
How complex are Identity and Access Management solutions to deploy ?
Identity needs to cover all your applications and services , including Active Directory . Selecting an Identity and Access Management solution built on open standard simplifies the integration with a broad range of enterprise applications to support complex IT environments , across SaaS , legacy , on-premises and custom applications .
TONY COLE , CHIEF TECHNOLOGY OFFICER , ATTIVO NETWORKS
Why is it important for enterprises to deploy an effective Identity and Access Management ( IAM ) solution ?
When you look at the security challenges organizations face today , some people believe the best form of protection is multi-factor authentication . While MFA does have a role to play , it can ’ t protect against the fallout from phishing and spearfishing attacks .
Implementing Identity and Access Management solutions , in general , is not an overly complex deployment from a technology perspective . Most of the change is associated with business process transformation . The companies who achieve the quickest and best results in implementing an Identity and Access Management solution usually establish a holistic program across all business and technology units .
Suppose an employee clicks on a link or opens an attachment containing malicious code . In that case , the attacker can gain access to that user ’ s device and then move further into the organization ’ s IT infrastructure . An adjacent area that is often overlooked is identity detection and response ( IDR ), which supports IAM and MFA by focusing on protecting the identity itself .
Put together , IAM can provide MFA to make it harder for attackers to get into an account initially . When that fails , IDR steps in so attackers can ’ t continue to escalate their privileges .
What are the potential pitfalls of not deploying an effective IAM solution ?
It leaves an organization open to potentially very damaging attacks . Proper authentication and authorization are important initial toll gates for the enterprise to counter attacks . SSO and MFA can help tremendously .
It ’ s also important that the organization can find attack paths that pre-date the advent of an attack . Attack surface management is a concern because users may have access rights that far exceed what they need to get their jobs done .
This means that if those users are compromised , the attacker will have much greater access to resources
42 INTELLIGENTCIO APAC www . intelligentcio . com