Refreshing an Identity and Access Management Program – 1 Year Later

TL;DR

  • Identity is the modern perimeter and updating controls to account for changes in how organizations operate is required
  • Coding / Scripting / API integration skills will make or break an IAM implementation
  • Establishing RBAC is a skill an organization will have to grow into if the practice doesn’t already exist
  • Using integrators or partners may get a deployment done faster but the price paid on the back end will be substantial

Defining the Problem

Identity sprawl both within an organization and throughout the various SaaS (Software as a Service) and IaaS (Infrastructure as a Service) is challenging how most organizations manage access to data, processes, and administration interfaces. The phrase “identity is the new perimeter” may sound cliche but it is entirely accurate when describing the boundary by which business systems are segregated from public access. While technologies such as MFAs (Multi-Factor Authentication) and CASBs (Cloud Access Security Broker) help fill gaps in the detection and prevention processes the reimagination of existing identity processes for an organization can establish long term security stability by ensuring users are given access only to what is needed and thus reducing the overall attack surface of the organization. However, this is easier said than done. Refreshing an identity management process is fraught with risks and challenges for organizations. While there are many excellent tools that exist today it’s important to prepare your organization for the difficulties that lay ahead so that they may be in the best possible position to succeed. Below are some thoughts and reflections on what our journey has looked like as we have labored to redefine how we manage identities both inside and outside of our organizational environment.

Continue reading “Refreshing an Identity and Access Management Program – 1 Year Later”
Sharing