Identity and Access Management (IAM) is the process of codifying not only users and groups in a software system, but also what resources they are each able to access and what functions they are each able to perform. IAM addresses authentication, authorisation, and access control.
While enabling employees for ease of access can come with hurdles, the ultimate return on investment is unparalleled. Finding the right fit for your applications is essential.
Identity
In the past, blue chip companies sat employees down in office buildings protected by a digital firewall. Individuals signed into their office computers and worked until five o'clock, then signed out and went home to their personal lives. The current reality is much different.
Today, over the unsecure WiFi connection of a coffee shop, employees check their work emails on their personal cell phones, with or without a VPN, while also using their work laptop to talk with friends and send links across social media. In cybersecurity terms, this is far removed from the well-controlled environment described above.
The solution is to recognise that this is the employee's new identity, and to adopt a framework that accepts this reality. With a good identity and access management system, analytics can be employed to build a persona for today's user. Is he or she using that same personal cell phone? With the same operating system version? Such details can be tracked and used to make sure an employee signing in is authentically the person he or she claims to be.
Access Management
Imagine a small legal firm with an important assistant who signs in successfully by using his or her Windows password. At many typical legal outfits, this person now has full access to the machine in question and could (intentionally or accidentally) cause all sorts of trouble, especially if the device is networked for remote access so the attorneys can work remotely when needed.
With a good IAM, companies aren't left with this binary picture where either the user has no access or full access. Instead, systems can be flexible and adaptive. There's now a spectrum where the IAM framework determines, based on analytics, known risks, and user history, the safest amount of access to give the person. Maybe he or she is presenting some sort of risk—neglected to upgrade an application, say—but still needs to access a word processor to make edits to a legal motion that's due today. A flexible, adaptive IAM framework can grant that without giving him or her carte blanche access to everything.
ITSEC works with the best of breed tools. Our team are certified and experienced in deployment, configuration and support.
Get in touch and schedule a call with our experts and we'd love to help you with your cybersecurity needs.