This year the company released its second white paper, on the hot topic of Identity and Access Management Solutions in the Financial Service Industry.
As is well known, financial services are one of the most regulated industries in the world. Providing access to information systems is a major focus for a company's development, and security must not be neglected. The responsibility is higher than ever: you must guarantee the confidentiality of digital resources while sharing them with clients, partners and subsidiaries.
So, it’s no surprise that identity and access management (IAM) in financial services is critical to ensuring that only the right people have the right access to sensitive information. With PATECCO's new white paper, discover how you can control access to your data thanks to our Identity and Access Management (IAM) solutions.
transformation refers to different thinking, innovation and change of the
current business models. This is possible by building up a digital strategy which
is able to improve the experience of your organization’s employees, customers,
suppliers, and partners. For the establishment of the new business and digital
strategies, organizations need a strong IT infrastructure that supports all the
upcoming changes with agility, productivity and security.
In the last several years a lot of organizations started their digital transformation, using Identity and Access Management technology. It ensures not only a safe and successful digital journey, but at the same time brings successful customer and employee experience.
Identity Management plays a central role in the digital transformation, including all the new business models, applications and ecosystems it supports. Identity Management provides the secure, flexible and adaptive IT infrastructure that every company, government agency or university strives to achieve. It helps to increase customer engagement through new digital channels, to streamline your business operations, and to protect data privacy and security, keeping your reputation and finances stable.
According to Gartner, IAM is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons. Therefore, the lack of a proper IAM process puts data at risk, and this situation may lead to regulatory non-compliance or, even worse, a data breach event. IAM addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments, and to meet all rigorous compliance requirements. This security practice is a crucial measure for any enterprise. It is increasingly business-aligned, and it requires business skills, not just technical
When it comes to transformation in the digital era, it is crucial for companies to develop long-term technology infrastructure plans that inform how identities are established, maintained, secured, leveraged by applications and distributed within and outside an organization. That means that the major IAM themes in the enterprise’s strategy should include Privileged Access Management, Identity and the Internet of Things, Cloud-based IAM, Identity Governance and Customer IAM.
Which are the main IAM advantages in the digital transformation?
Ability to manage digital identity for accessing information and resources:
Identity and Access Management solutions provide the ability to manage digital identity for accessing information and resources. That means that they secure content from unauthorized access by injecting authentication layers between the users and the critical apps and data. Protected target resources may include on-premises or SaaS applications and web service APIs across all business scenarios, from business-to-employee (B2E) to B2C. Besides, Identity and Access management solutions support bring-your-own-device (BYOD), through the use of social identity integration needed for registration, account linking and user authentication.
Ability to quickly enable access to resources and applications:
According to our partner, IBM, IAM technology quickly enables access to resources and applications, whether in the cloud, on premises, or in a hybrid cloud. Whether you’re providing access to partner, customer or employee-facing applications, you’ll be able to offer the seamless experience your users expect.
Ability to simplify activities:
Creating an identity-focused digital
transformation strategy means choosing the right technologies that enable
internal or external users to streamline actions, duties, or processes. When
you create a strategy intending to enable users, you need to focus on which
identities need access to the technology, how they use the technology, what
resources they need and most important – how to control their access to prevent
You are on the right track if your strategies closely align with the purpose of an IAM program. IAM and IGA (Identity Governance and Administration) programs define the who, what, where, when, how, and why of technology access. When you base your enterprise digital transformation strategy on an identity management program, you are ready to successfully manage data privacy and security risks.
Ability to enable digital interaction
Customer Identity and Access Management (CIAM) is a whole emerging area within IAM. The growing number of sophisticated consumers need simpler digital interactions, which help them to easily build a better and deeper relationship with brands. Furthermore, CIAM technologies help drive revenue growth by leveraging identity data to acquire and retain customers.
above, IAM is a critical element of the digital transformation, which makes it essential for protecting sensitive business data and systems. When implemented well, IAM provides confidence that only authorized and authenticated users are able to interact with the systems and data they need to do their job seamlessly. Effective IAM solutions include Access Management, a solution that streamlines and manages multiple accesses, as well as Identity Governance and Administration, a solution that helps you monitor and govern the access.
The terms Identity Access and Identity Governance are often used in the cyber security business. For clients the terms are often confusing and difficult to comprehend; for experts they are two aspects of IAM whose concepts are totally different. This article explains in detail the differences between IAM and IG.
To put it in a few words, IAG refers to a process that allows organizations to monitor and ensure that identities and security rights are correct, as well as managed effectively and securely. It includes business, technical, legal and regulatory issues for organizations. Identity and access management (IAM) is just a component of IAG. IAM is the technology for managing user identities and their access privileges to different systems and platforms. But let’s now analyse each of the two technologies, so that it is clear what functions and capabilities each of them possesses.
Identity and Access Management
First: What Do We Mean By “Identity”?
In cyberspace, we all have identities. Our identities take the form of attributes, entries in a database. A unique attribute differentiates one online user from another. For example, an attribute could be an email address, phone number, or a social security number. Attributes referring to our private and working life are different and change over time, as we change jobs, move home, get married, etc.
Your online identity is established when you register. During
registration, some attributes are collected and stored in a database. And here
we come to the term – Identity management, which literally means – managing the
attributes. You, your supervisor, your company HR person, the IT admin, the
eCommerce site service desk person could be responsible for creating, updating,
or even deleting attributes related to you.
As mentioned above, Access Management is a process of managing and tracking users’ identities and, at the same time, managing their access to certain systems and applications. The process of access management relates to users and customers, whose profiles have to be created, managed, controlled and granted the proper role and access. When it comes to performing access management and keeping sensitive data and information secure, giving the right access to the right people
(IG) is a subcategory of Identity and Access Management (IAM). IG provides organizations with better visibility into identities and access privileges, and better controls to detect and prevent inappropriate access. IG solutions are designed to link people, applications, data and devices to allow customers to determine who has access to what, what kind of risk that represents, and to take action when any violations are identified.
Identity Governance in action:
If someone who is not authorized tries to access the systems, the identity governance solution can flag the access as suspicious and notify the system administrator. Identity governance systems also help automate the process of cleaning up user access rights by analysing whether the users were granted similar access in the past.
Governance offers a holistic approach driven by risk analytics and focused on improving security and compliance. Identity Governance has several techniques that provide preventive or detective controls, reporting and dashboards, data access governance and improved user experience, and that contribute to limiting threats to an acceptable level.
Moreover, Identity Governance tools enable
organizations to enforce, review and audit IAM
policies, map governance functions to compliance
requirements and support compliance reporting. Specific identity
governance product features include user administration, privileged identity
management, identity intelligence, role-based identity administration, and
In general these are the differences in the functioning of the two solutions, but both are used to protect sensitive information and data from being accessed without permission and proper privileges. Thanks to IAM and IG, an organization’s data can be better secured against unauthorized access, malicious threats and cyber attacks.
Next year, for the second time, PATECCO will take part in the conference E-Crime and Cyber Security, now in its 14th edition. It will take place in Frankfurt, Germany, on the 28th of January 2020. The company will be an Education Seminar Sponsor and will present its best practices in the field of Identity and Access Management.
The event is the leading marketplace for visitors from the banking industry and for IT service providers whose activity is focused on the latest technological developments and IT trends. The conference provides a good overview of the current IT security sector and gives the opportunity to find out how IT professionals in organisations are meeting their goals and how they are addressing business priorities and operational objectives in order to reduce risk, protect data, ensure compliance and strengthen security posture.
During the one-day event, PATECCO will have a counter where its team members will welcome each visitor who is interested in Identity Access Governance (IAG), Privileged Account Management (PAM), Security Incident and Event Management (SIEM), Management and IT-Consulting, and Cloud Access Control. Everyone who is interested in these specific areas will be invited to a personal meeting where all details will be considered.
Besides, the company’s CTO, Mr. Helmut Brachhaus, who is an expert in Privileged Account Management, will speak in a 35 minute session on the topic of BAIT (in German – Die Bankaufsichtlichen Anforderungen an die IT), or in English, “The banking supervisory requirements for IT”.
Mr. Brachhaus will describe case studies that detail how
security frameworks and methodologies are being applied in the real world to
help lines of business and the board take advantage of new opportunities,
increase productivity, enable agility and decrease cost. He will also share critical
and unique insights that can inform the direction of business, technology and
security strategy and practical steps that can help assess exposure to,
articulate and proactively mitigate the impacts of emerging risks.
PATECCO is an international company, dedicated to development, implementation and support of Identity & Access Management solutions. Based on 20 years’ experience within IAM, high qualification and professional attitude, the company provides value-added services to customers from different industries such as banking, insurance, chemistry, pharma and utility.
To meet the challenges of today’s world, competitive companies need to increase their business agility in a secure environment and need to enforce the performance of their IT infrastructure. As the business develops, enterprises now require new methods to manage secure access to information and applications across multiple systems, delivering on-line services to employees, customers and suppliers without compromising security. Companies must be able to trust the identities of users requiring access and easily administer user identities in a cost-effective way.
That’s why it is important how they manage all the identities
that access information across the enterprise (from employees and customers to
trading partners), how they keep all interactions compliant and secure
regardless of access channel, including personal devices.
More and more enterprises are undertaking significant digital
transformation initiatives to integrate more applications and automate
processes in a bid to increase productivity and the pace of innovation. These
initiatives frequently involve the integration of information technology with
operational technology, even bridging security domains, through direct
integration with value chain partners. Digital transformation initiatives
deliver significant value, but potentially put more resources at risk and
increase the enterprise security threat surface.
Managing external identities, determining who should have
access to what resources, and validating and auditing access requests to key
resources across channels creates significant administrative overhead for the
enterprise. The inherent risk in granting access to mission-critical resources
to people and organizations outside the enterprise’s control is compounded by: lack
of visibility into an external organization’s hierarchy to validate user requests
for access to resources, inability to identify orphan accounts, audit whether
users are still active at an organization and still need access to resources, and
The solution for all these business challenges and risks is Identity and Access Management (IAM). It is built on managing users and access rights through an integrated, efficient and centralized infrastructure. This concept combines business processes, policies and technologies that enable companies to provide secure access to any resource, efficiently control this access, respond faster to changing relationships, and protect confidential information from unauthorized users.
Beyond the most basic function of directory services that
maintain the metadata associated with an identity, IAM covers two main
functions: Authentication and Authorisation.
How does PATECCO IAM solution
enable you to manage your most critical identity and access management
PATECCO offers a robust set of IAM capabilities. The solution enables enterprises to centrally manage the entire identity lifecycle of their internal and external users, as well as their access to critical resources across the enterprise. The IAM platform provides a comprehensive set of capabilities to connect and manage the people, systems, processes, and things that span the extended enterprise. The PATECCO IAM solution addresses identity and access management challenges in three key areas:
1. Onboarding and
provisioning is a business problem, which deals with the policies, rules,
technology, and user experience pertaining to creating and managing user
accounts. Enterprises need robust approval-based access requests, the ability
to audit access grants, and the ability to provide answers to the questions of
who has what, why, and for how long?
2. Authentication and access
With network security perimeters disappearing and data
flowing freely within and between companies, identity has become the crucial
point to help manage, control, and govern access to data, applications, and
cloud resources. This requires the enterprise to master non-core capabilities
such as single sign-on, password management, advanced authentication, role-based
access control, and directory services integration.
3. Privacy and security
The rise in awareness about compliance management—as well as
the growing list of regulations on the matter such as GDPR in Europe—is driving
the adoption of IAM solutions for security purposes. Enterprises must prevent
sensitive information from being disclosed to unauthorized recipients. They
must reduce or eliminate the risk of financial loss, public embarrassment, or
legal liability from unauthorized disclosure of sensitive or critical
information. PATECCO solution for IAM mitigates many of the risks inherent in a
diverse, globally distributed supply chain. Starting with comprehensive
identity and access management capabilities, we can ensure only the right
people have access to the most trusted resources when they need them. Adding
comprehensive tools for audit and attestation means that the enterprise can
easily determine who has access to what resources at any time, as well as how
they got access and when they actually accessed the resource.
After describing the IAM capabilities, we can conclude that the more IAM continues to evolve, the more organizations will look to broader, enterprise-based solutions that are adaptable to new usage trends such as mobile and cloud computing. Effective identity and access management processes are able to bring business value to your enterprise — reduced risk, sustaining compliance, improved efficiency and end user experience responding to the changing IT landscape.
Today a lot of enterprises rely on stronger security and governance to run and sustain their business successfully. We are witnessing a trend where, as the number of connections grows, more security breaches affect companies all around the world.
Enterprises suffering such data breaches experience significant losses in terms of recovery costs and brand damage. That difficult situation arises when there is some type of “unauthorized access” (whether from internal or external threats) to corporate applications and sensitive data. As a result, companies make a detailed review of their current Identity and Access Management (IAM) processes and, after detecting some gaps, start looking for new IAM approaches. In this way they want to ensure that their organizations are safe from access-related security breaches, optimize the operational costs associated with access control and meet their internal and external compliance requirements.
Regardless of which IAM system you choose, in this article we will give you an idea of what steps to take to build an effective Identity and Access Management (IAM) strategy, focused on mitigating key risks for the organization.
1. Use federated identity management approach
could implement a federated identity management approach whereby the
organisation providing the data or service trusts the authentication measures
in place at a collaborating organisation. If you use such an approach, it’s not
necessary to share the personal details of the user requesting the access, only
an assertion from the trusted party that the user is authorised to make the
2. Keep a good
Good governance ensures that
there is a consistent approach to risks and compliance across different lines
of business. It is able to reduce costs by avoiding multiple, ad hoc,
approaches to compliance and risk management. Identity and access governance
ensures that only authorized persons have access to the confidential and
Remember that the power of identity and access governance is in managing privacy across the enterprise. Governance is your procedure and framework that makes everything consistent across the board. That means risk management and compliance for all your lines of business.
3. Avoid multiple authentication
The authentication process is used for confirming the user identity. The typical authentication process allows the system to identify the user via a username and a password.
The less authentication your users have to go through, the better. You could get negative feedback if users have to go through multiple authentication levels to gain access to an email or account. Some may even find their own shortcuts, which is where problems can arise.
Single sign-on can help, but cannot resolve the
problem. Users operating in an SSO environment could have negative feedback
from their home and mobile workers due to the extra levels of authentication
required to access the new system.
There are stronger methods of authenticating the user, including certificates, one-time passwords, and device fingerprinting. Together they can provide a stronger combination of authentication factors.
Phases of IM Strategy
the Identity Management Strategy requires three distinct phases: assessment,
analysis and planning, as well.
1) Assessment Phase: Assess your current infrastructure and architecture and
2) Analysis Phase: Determine key technology and process gaps and identify needed identity capabilities and integration points;
3) Planning Phase: Define high-level, future-state identity architecture; Develop a phased implementation roadmap; Document and present final recommendations
In order to secure identities and data, as well as to ensure readiness, organizations need to respond proactively to the coming changes by adapting the right strategy, operations and architecture of their IAM and its supporting tools and services.
Insurance companies are a high-value target for hackers. The reason is the multiple points of vulnerability around insurance provider data: customer portals, credit card transactions, insider threats, external hackers (credential acquisition), big data warehousing and applications, cloud data storage and more. Some insurance companies use outdated or unreliable security solutions, which very often leads to attacks by cyber criminals with serious consequences for the company. As a result, insurance companies are becoming more and more open to cloud adoption and, instead of asking “why”, they make plans about “when and how”.
Several factors prompt insurance companies to move their applications and data into the cloud as they reassess their business opportunities. These factors include the need for enhanced agility, the need for technology operating efficiencies and the opportunity to reduce infrastructure costs. For insurers navigating a complex risk and regulatory landscape, adoption of cloud comes with multiple challenges of data privacy, architecture, system interfaces and IT security. All that can be handled with a Cloud solution which offers rapid provisioning, clear visibility of assets, robust data governance and a seamless mix of delivery
The advantage of moving to Cloud for Insurance Companies
When we talk about Cloud
computing, it is not enough to justify its implementation only in terms of cost
and effort. Moving to the cloud changes the overall operation of the
enterprise. It creates new ways of operating, creates value for the clients and
makes your business grow faster.
When deploying and implementing
cloud computing solutions, insurance companies could better drive revenue,
improve collaboration, gain customer insight and reduce time to market for
products. But that’s not everything: there are several other key strategic
benefits that would change the way of work and connections in insurance
Benefit #1: Fast Deployment
Cloud computing offers rapid
deployment allowing businesses to be ready to take advantage of it in short
order. Cloud has enough resources available at its disposal to allow for
multiple tenants in the shared environment. These resources are always
Benefit #2: Higher Productivity and Collaboration
Cloud computing can help insurers
provide their agents, brokers and partners with a common, unified platform. It
allows them to easily gain access to real-time data and at the same time
increases the productivity.
Benefit #4: Business Growth and Progress
Cloud systems help insurers to
deploy new business models, which are more customer oriented. A cloud-based
solution offers better understanding of the customers’ needs and successfully
develops the services to meet them.
Benefit #5: Become more innovative
Insurance companies all over the
world are in a constant competition to innovate and offer new things on the
market. That’s why insurers need to make sure that their application portfolios
meet the emerging needs of the customers. Thanks to the Cloud system, they can
test and deploy new technologies and that helps them to better collaborate and
to develop new products and services.
Benefit #6: Optimized Risk Management
Cloud allows you to integrate risk data, risk assessments and risk indicators within its environment. That allows insurance companies to protect their data against data breaches and data theft.
Benefit #7: Cost effectiveness
Insurance companies are also concerned about their regular expenses. The theory that Cloud is expensive is contradicted by the fact that Cloud computing can help insurers save a great amount of money which they can invest in better marketing activities or in the execution of specific insurance plans. That’s the reason why we say that Cloud ensures efficiency and flexibility.
Benefit #8: Simplified access with Single Sign-On
PATECCO has IAM consulting capabilities that can help insurance companies gain the benefits of moving to a cloud environment. Identity and Access Management supports single sign-on (SSO) and leverages protocols to integrate with the enterprise’s cloud ecosystem. The IAM tools can also simplify partner access. All user log-ins and activities are precisely managed, and when an employee at your partner’s organization leaves, you do not need to worry about whether they still have access to your application. All access rights are strictly provided or removed according to the user status.
Cloud Computing is no longer considered a specialist term in the business sphere. It’s more often regarded as a mandatory initiative and activity. As the number of breaches increases, more and more insurance companies start using cloud technologies, which have definitely changed the face of the insurance industry. Cloud computing is the first step of the insurance firms’ digital transition, from ordinary to modern insurance software. The adoption of cloud computing is beneficial not only for the insurance companies, but for their customers as well. It efficiently encourages collaboration and communication, and improves security and productivity.
is a great opportunity for businesses to replace the old models with modernized ones, helping them conquer new global markets. Maintaining efficiency, productivity and agility with the help of such digital strategies has become critical for all kinds of organizations. That’s a reason to say that an essential aspect of digital transformation is the use of Application Programming Interfaces (APIs). In this article, we’ll explain the core advantages of APIs which contribute to better business processes and progress.
What is an API, actually?
As Gartner says, APIs are the basis of every digital strategy. An API defines how software components interact with one another, what data format is used, allowable usage and other parameters. Two of the most common use cases are data and functionality sharing. For example, OAuth provides websites with a way to encourage users to sign up without making them go through a registration process.
Axway, APIs are a simple concept: they connect data to create new digital experiences. Basically, APIs allow you to integrate systems and devices, both internally and externally. This is a key element of any digital transformation. For example: you can reach customers based on their location, collect data to improve your services, and perform real-time updates. You can create new combinations of seemingly incompatible devices, such as water heaters, thermostats, and smart phones, and turn them into brand new products, services, and data sources. Those appliances by themselves do not communicate, and this is where APIs act as the mechanism to facilitate data interactions.
The role of API in the Digital
critical to any digital transformation. They can change the entire process of creating new business models. Using APIs makes the development process much more agile. Besides, there is more speed, more flexibility and more backend services. What’s important for a business is not simply having a good idea. What is critical is how agilely the company can adapt that service to changing consumer preferences. A new service can change as it is being developed, and it can change even after it is in the market, thanks to APIs.
We like to talk about APIs in the plural, because you can do great things when you integrate several. With connected APIs, you can automate processes and reduce labour-intensive work, which results in speed and convenience.
The great thing about APIs is that they can be published to a community of external developers. Public transportation companies, for example, can share their schedules with external parties (Google Maps, and many others) through an API, so that their own riders are ultimately better served. Technically, this information can be combined with other information that is accessible through APIs, about restaurants, weather, sport events, and museums to create entirely new value added services. Security is an important consideration, as not everybody and everything should be able to access all APIs. Thanks to solid Identity and Access policies, your enterprise internal systems and processes can be fully safe and secure.
to devices, APIs can produce valuable data streams that you want to be stored,
in a way that they are easily accessible and transportable. Storing your data
in the cloud will relieve your staff from having to manage basic infrastructure.
The use of API
also creates seamless user experience for your customers. It makes it possible
for your services to be easily accessible on channels that your customers
usually interact with, including Facebook, Twitter, Instagram, chatbots,
virtual reality or anything with an interface. The API management solution makes
your APIs highly visible and consumable and allows your customers to access
your services anywhere and at any time.
The success of the digital
transformation depends on continuous evolution. And the driving mechanism
behind the continuous change is using a smart API strategy. Since software
drives the progress of every business, APIs have become both engines of
innovation and the source of competitive advantage, as well. They enable the
business to offer new products, better customer experiences, and more efficient
If you are curious to get to know a specific API use case, check out PATECCO's previous article about FIM Query Service.
Many enterprises deploying Identity Management Solutions believe that this will suffice for access governance. The truth is that an identity management solution is only a point solution and access governance requires something more complex – monitoring of the dynamic access rights of multiple users to myriad applications. On one hand, an identity management solution allows IT to automate identity management and access control. On the other hand, an access governance system provides a high-level business overview of access requests, compliance processes, and the way the risk management strategy ties into user roles and responsibilities. This means that access governance cannot work without identity management and at the same time facilitates advancements.
Today’s compound regulations make compliance an essential consideration. While providing the data trail required for audits and compliance requirements, it’s important at the same time to track, audit, and control what individual employees have access to. More and more companies recognise the need for access governance, driven by multiple factors and challenges. These include, for example, increasingly complex regulations that demand strict adherence, the escalating scale and frequency of cyber attacks, and the adoption of the cloud, which raises concerns about monitoring which employees access what data, using which device.
How does an access governance system govern access rights?
Assigning specific rights to employees for accessing only what they need to fulfil their job roles and responsibilities, efficiently and in a secure manner.
Aggregating data on user accounts that have access to the different applications, databases, data centres, network devices, etc., into a single and easy-to-manage view of access rights and accounts on all systems.
Implementing strong security
What benefits does Identity Governance bring to the business?
An identity governance system enables the regulation and control of access in an efficient, systematic, and
Identity Governance grants a
comprehensive view of roles and privileges within each department of the
company. This results in deep insight into how access is used across the
organization by different users.
An access governance system also
positively impacts the certification process. Certification and recertification
requirements are reduced and users can be certified on an ad-hoc basis, at any
point in time.
Access governance facilitates
collaborative and analytics-based decision-making, based on the data aggregated
across users and departments.
Access Governance goes well beyond access recertification, role management and analytics. Strong capabilities for access request management, access analytics, and advanced direct or indirect capabilities for provisioning changes back are more often than not mandatory features. Increasingly, improved integration with Privilege Management tools or User Activity Monitoring solutions is being developed as a key focus area for many organizations.
PATECCO enables Digital Transformation for enterprises by delivering seamless customer experience, business efficiency and actionable insights through an integrated set of IAM, Governance Risk and Compliance and Cloud technologies.
Identity and Access Management has always been an ongoing process and an essential element of the enterprise infrastructure that demands continuous management. Even if you have a fully implemented directory, it’s useful to take advantage of best practices to help continuously manage this crucial part of your IT environment.
PATECCO's management team has long experience in executing projects across different industries. When it comes to IAM implementations, its experts know exactly what works effectively and what does not. For this article we have tapped the collective knowledge of these experts to come up with these eight IAM best practices. They will help you improve your identity management system to ensure better security, efficiency and compliance.
# 1. Create a clear plan
IAM projects require excellent planning and project management expertise, with a project team representing various stakeholders within the company. Most importantly, you need to have a business perspective and tie the phases of your IAM project to quantifiable business results and benefits. IAM solutions need regular care and feeding long after the initial go-live date, which means planning for follow-up optimizations is crucial.
# 2. Implement IAM in phases
Implementing IAM in phases will
definitely shorten the “time to value” of your project — the time before the
business sees a distinct benefit — in the process giving you executive backing
that will ensure the full funding of future phases.
# 3. Define identities
Start implementing a single, integrated
system that ensures end-to-end management of employee identities and that retires
orphaned identities at the appropriate time. This is where IT responsibility
begins in the identity management lifecycle. You should also identify a primary
directory service (often Active Directory) and a messaging system (such as
Implementing a workflow on the basis of “request and approval” provides a secure way to manage and document change. A self-service web-based interface enables users to request permission to the resources they need. It’s necessary to define who can control that list of services and who is responsible for managing
Make provisioning automated
Managing new users, users who leave the organisation, and users who are promoted or demoted within the organisation requires provisioning, de-provisioning and re-provisioning. Automating these tasks will reduce errors and improve consistency. Start with automating the basic add/change/delete tasks for user accounts, and then integrate additional tasks such as unlocking accounts.
You will need a certain amount of inventorying and mining to precisely
identify the major roles within your organisation, based on the resource
permissions currently in force. When the user places a request, the owner of
the affected data has the ability to review, approve or deny the request. It is
also important to define who will manage these roles and to ensure that roles
are created, modified and deactivated by authorised individuals following the
Many companies are now affected by the GDPR regulations, and your identity
management system plays a beneficial role in remaining compliant. You should
focus on clearly defining and documenting the job roles that have control over
your data, as well as the job roles that should have access to auditing
information. Determine compliance rules, and assign each step to a responsible
knowledge and control to business owners
After the IAM system implementation, you should let business data owners manage access to their data and provide central reporting and control over those permissions. For that purpose, education is needed for both end users and the IT staff that will be charged with ongoing administration and operation. From time to time, refresh their knowledge to keep up with turnover and new product capabilities.