Intelligent CIO APAC Issue 16 - Page 43

FEATURE : IDENTITY AND ACCESS MANAGEMENT than would otherwise be the case . If you don ’ t have a system in place that manages , monitors and looks for misconfigurations in your identity system , your security is effectively wide open . have more clearly . An IAM and adjacent IDR solution will allow a security team to review the entitlements of each employee , remove those that are not required and detect live attack activity .
How can CIOs determine whether an IAM solution will suit their business ?
It ’ s easy to say that everyone should have an IAM solution in place , definitely MFA , but that is not entirely accurate since smaller businesses have a lot of nuances around their structure . IAM solutions should be deployed by organizations that have identities and credentials assigned to users .
These organizations need to have the ability to manage , monitor and understand exactly what is going on with those identities , associated credentials and the systems that manage them . This becomes particularly clear when you consider that most ransomware attacks use identity services to escalate privileges .
What impact will an IAM solution have on the work of company employees ?
If smartly implemented , there should be almost no impact whatsoever on a company ’ s employees . Instead , it allows the company to define the entitlements and access privileges individuals should
Employees will see no difference in user experiences . However , the organization will significantly increase its security posture .
How complex are IAM solutions to deploy ?
IAM platforms can be complex to deploy and often take extended periods of time to gain operational efficiency . Alternatively , IDR solutions can be straightforward to deploy and have been seen to run on a single server with no impact on the domain controller . It comes down to an organization ’ s choice of vendor .
How can an IAM solution boost compliance ?
It depends on the organization and the compliance requirements they need to meet . However , if they deploy and maintain an IAM solution , the risk of compromise can be reduced and the overall security posture is boosted . This will then enable the organization to meet its potential regulatory requirements . It can also help meet the compliance requirements imposed by insurance companies offering policies that cover cyber-risks . p
Tony Cole , Chief Technology Officer , Attivo Networks
www . intelligentcio . com INTELLIGENTCIO APAC 43