Skip to main content

What is the Role of Blockchain in Improving Identity and Access Management?

The digitization of the business organisations leads to the digitization of identity. From personal information to professional certifications, the need for identity information and credentials is constantly increasing. Usually, identity information is monitored and verified by third parties, whether government or the private sector. But faltering confidence and new tools challenge these structures.

Many companies from the public and private sectors, believe that blockchain can add value to their operations. It offers transparent visibility and an immutable, time-stamped record of contracts. Each “block” of information in a chain is stored across a wide array of networked computers — a full blockchain never exists in its entirety on any single device — making it nearly impossible to falsify information in a blockchain.

What is a Blockchain and how it is related to IAM?

According to our partner, IBM, Blockchain is a shared, immutable ledger that facilitates the process of recording transactions and tracking assets in a business network. An asset can be tangible (a house, car, cash, land) or intangible (intellectual property, patents, copyrights, branding). Virtually anything of value can be tracked and traded on a blockchain network, reducing risk and cutting costs for all involved.

Identity management with blockchain works in a different way. There is no centralized database, instead, information is stored over a peer-to-peer type environment, by adopting a decentralized framework. The data is stored immutably in publicly owned blocks over the network. This solution provides flexibility, security and privacy for data management with reliable authentication and integrity check.

The Role of Blockchain in Identity and Access Management

The role of blockchain in identity management is to provide a means to verify identities, control access, and ensure the integrity the data and transactions. Everything stored in the database is publicly owned and immutable. Traditionally, effective IAM has been a challenge for large corporations for several reasons. Firstly, digital credentials are frequently a target of fraud and other cybercrime. Furthermore, siloed data creates a high potential for error, unnecessary overhead, and increased vulnerability to fraud. These issues are only exacerbated by the fact that traditional IAM measures are incredibly difficult to scale.

It is essential for business leaders to understand that balancing easy information access with strong, scalable security measures requires a highly dynamic system — one that blockchain is ideally positioned to power. Blockchain offers several major advantages over traditional means of IAM:

  • Improves Identity and Access Management

While we are fully aware that employee error is the primary cause of credential theft which are centrally stored and managed, the technology can store credentials on the blockchain in a decentralized manner reducing system intrusion risks and access fraud as hackers will have to attack multiple points of entry to access the data.

  • Track changes

Blockchain can help ensure that data is not changed without authorization or stolen. If you change any part of the blockchain, it is permanent, and you can’t remove it from the database. Furthermore, changes or new data will not remove or replace old data but rather will be recorded at the top of the blockchain with ownership and a time stamp which makes it trackable in case of an attack to trace back to the source.

  • Ensure redundancy

A blockchain is distributed and omni-present. Because various computers store a copy of the blockchain data, in case of accidental and intentional tampering, you can find the original information in other sources.

  • Prevent cyberattacks

DDoS attacks are common cyberattacks which aim to bring business systems down and make them unavailable by flooding requests. DDoS attacks are easy because parts of the domain name system (DNS) is store centrally and is susceptible to attacks and theft which can be used to bring systems down. Decentralized blockchain will prevent DNS theft and prevent DDoS attacks. Also, since any block change in the blockchain must be verified with the remaining of the blocks, attacks will be detected quickly and contained by keeping bad data out of the system.

PATECCO Launches a New Whitepaper – “How can Management, Audit and IT Simplify the dentity Governance Process Using Security Verify Governance”

The latest whitepaper from PATECCO is here. Learn more about IBM Security Verify Governance and what are the goals of IGA processes. In the whitepaper you will also find interesting information on the following points:

  • People – Processes – Technology
  • Reduction of security risks
  • Proposed solution
  • Compliance with recertification campaigns
  • Lifecycle of roles with SVG workflows
  • Analytics – Risk analysis with SVG Access Risk Control

Click the image below to read the white paper:

PATECCO Success Story – Integration of IBM Verify into Service Now

Last week, on the 6th of October 2021, PATECCO team had the opportunity to present one of its success stories at IBM Security Ecosystem Summit EMEA, with a focus on Zero Trust and Threat Management, Data and Identity. To increase the awareness for the interested ones, we wrote a summarised version of the story about the Integration of IBM Verify into Service Now.

Current Challenges in IT Infrastructures

Nowadays the complexity of multiple service management interfaces is constantly increasing. Such a complex interface can disorient the users in a mild case and completely alienate them in an extreme case. A lot of training is required to master all user interfaces, but that takes time, resources, and money. It’s also clear that companies spend quite a lot of time on redundant, manual tasks that can be automated. If you really want to take your business to the next level, you should think of investing in business workflow automation software.

It’s not an easy task to effectively manage and orchestrate the workflows, that’s why customers need to reduce the amount of different User Interfaces of their IT-Infrastructure The positive result will be increased user experiences, business efficiency, improved service and outcomes.

The concept of workflow automation

Most customers have an ITSM-solution, in most cases this is ServiceNOW. ServiceNow is a cloud-based workflow automation platform that improves operational efficiencies in enterprises by streamlining and automating routine work tasks. What needs to be integrated in the existing clients‘ infrastructures, is a centralized solution, so the workflows and processes should be centralized and automated in these systems.

It’s important to say that Workflow Automation is key to the success of every business. It’s an efficient solution to all those time-consuming and inefficient business processes. When implemented correctly, the workflow automation tool can help you save thousands of work hours every year.

Furthermore, the centralized workflow application allows users to stage and sequence tasks needed to produce the desired output, to minimize operational costs and increase ROI. All these features help to reduce time and improve efficiency. In addition, complete Governance logic is controlled by IBM Verify which is the whole controlling mechanism that governs the identities.

The solution

The advantage of utilizing the available ServiceNow integration App for IBM Verify is that the customers don‘t have to develop such integration, they need only to implement, configure and customize it. We utilize ServiceNow as a workflow engine, instead of building the workflows within IBM Verify and we also keep ServiceNow as the central place where we can efficiently build workflows.

Another advantage of the integration between IBM Verify and ServiceNow, is that they could be customized according to customers‘ specification. And for the proper customization of the workflows there needs to be an open and constant communication between all stakeholders. We use this system to make business process easier, more productive, user-friendly and time efficient. So, implementing automated workflows is the best possible way to achieve this goal.          

As a conclusion we can say that Zero Trust and Automation go hand in hand and they are one of the factors that determine the future of the cyber security. An efficient automation platform allows security teams to coordinate multiple technologies, ecosystems and vendor solutions, across on premises and cloud envirnments. It helps to streamline processes and drive efficiencies. It supports the Zero Trust model as it allows organizations to prototype, enforce and eventually update their security policy framework, no matter how big or complex that framework happens to be.

PATECCO Is Proud To Announce its Thycotic PAM Pub Quiz Winner

PATECCO team is proud to share that one of its IAM analysts – Sebastian Martin won the third place at the annual online PAM Pub Quiz, organised by Thycotic, on 1st April. A lot of participants tested their knowledge in the quiz, but only the best professionals who proved their expertise are the winners.

For Sebastian Martin the quiz was not only a challenge, but also a funny experience where he proved his knowledge in Privileged Access and security. His participation was not also a great example of a professionalism, but also a great proof that that PATECCO as an IBM partner is leading the PAM topic to its best.

The Importance of Security Information and Event Management in Business

We live in a digital era when modern businesses rely mostly on their IT infrastructure in order to conduct their daily activities. Of course, the reliance on IT brings a few advantages to organizations which become more streamlined and productive, but at the same time there is a persistent challenge that all businesses have to face: cybersecurity threats and incidents.

Cybersecurity incidents are not something unknown for the enterprises. Most businesses try to ensure the security if their IT infrastructure by establishing special safeguards. However, just slapping up some firewalls or subscribing to an antivirus software is not a serious approach anymore, not only because they are ineffective but also because the cybersecurity threats are continually evolving, and criminal hackers become more sophisticated. So, to resolve this problem, businesses have begun to turn to a more robust method of managing the security of their IT infrastructure: security information and event management (SIEM) software.

How does SIEM work?

Security information and event management (SIEM) software gives security professionals both insight into and a track record of the activities within their IT environment.  It is a group of complex technologies that provide a centralized view into a network’s infrastructure. SIEM provides data analysis, event correlation, aggregation and reporting, as well as log management.  While SIEM technology has been around for more than a decade, it becomes a critical component of a comprehensive security strategy in today’s threat environment.

The function of SIEM in cybersecurity is to provide a complete overview of a business’ entire IT infrastructure. Log data from applications, devices, networks, firewalls, antivirus software, wireless access points, and similar sources are collected to identify, analyse, and categorize different types of security threats the business may experience. SIEM products also provide dynamic, up-to-date information on the overall health of a business’ security system. This information can then be used to complete security compliance reports, analyse areas of weakness, and strategize solutions that may best protect the business’ entire IT systems in the future.

How Does a SIEM Help with Log Monitoring and Management

Effective log management is essential to an organization’s security. Monitoring, documenting and analyzing system events is a crucial component of IT security. Log management software or SIEM’s automate many of the processes involved. A SIEM handles the two following jobs that prior to today’s SIEM’s were handled individually:

  • SIM – Security information management provides long-term storage as well as analysis and reporting of log data. This was and is still tricky and time-consuming if you must build your own connectors to your IDS/IPS, Firewalls, DLP solutions, Application servers and so many other log generating assets in your IT environment. Most SIEM’s have some connectors out of the box today.
  • SEM – Security event manager provides real-time monitoring, correlation of events, notifications and console views. This is the key benefit of SIEM’s because a good SIEM will turn data into insights and a great SIEM, tuned correctly will turn insights into visual dashboards to assist analysts in uncovering anomalies and threats.

Effective SIEM solutions rely on logs from all critical components of a company’s business and network. These should include all firewall logs, logs from intrusion detection systems and antivirus system logs. As well, logs from primary servers should be included, particularly key application and database server logs along with the active directory server logs and web server logs.It is also important to protect your sources of log information, particularly when attempting to prove any legal culpability from computer misuse. This is because cyber attackers can try to delete or falsify log entries to cover their activity in your system.

Why SIEM is important and beneficial for the business?

To establish a capable cybersecurity team, SIEM solutions are a must-have for businesses in any industry. Today’s enterprises need a solution that can centralize, simplify, and automate security workflows to enable better analytics and incident response procedures. The key important pillars of a Modern SIEM are:

  • Incident Detection

SIEM enables the detection of incidents that otherwise would go unnoticed. Not only can this technology log security events, they have the ability to analyze the log entries to identify signs of malicious activity. And by gathering events from all of the sources across the network, a SIEM can reconstruct the series of events to determine what the nature of the attack was and whether or not it succeeded.

  • Efficient Incident Management

An SIEM solution can significantly increase the efficiency of incident handling, saving your security professionals time and resources. More efficient incident handling ultimately speeds incident containment, therefore reducing the extent of damage that many incidents cause. A SIEM improves efficiency by enabling rapid identification of all sources that were affected by a particular attack and by providing automated mechanisms to attempt to stop attacks that are still in progress.

  • AI Cybersecurity

In recent years, advanced technologies like machine learning have made SIEM platforms more robust. It gives the companies the power to defend their businesses with complex threats before they become irreparable. It accurately analyzes event correlations for unique patterns that may lead to the detection of complex concerns over information and system security.

  • Better Security Analysis

With SIEM solution, organizations get to integrate risk assessment services. SIEM tools make it possible for you to analyze network behavior in different circumstances and factors based on security sources for that particular condition.

  • Proper Categorization

Businesses can categorize and standardize network logs for effective monitoring and achieve a responsive workflow with in-depth visibility of your backups and security. It provides your IT team with access to additional features like quick data encryption, system access management, SSO integration, and other quality management services.

Businesses now have multiple services available in the market that can accommodate any SIEM requirements. Some of the most powerful software are IBM QRadar and Splunk Enterprise Security. Based on your system requirements, you can decide what SIEM features you want from your SIEM solution. Moreover, considering elements like budgeting, storage array, customization preferences, and training needs is also essential. And finally – businesses must determine their current resource capabilities before integrating any SIEM tool into their systems.

IBM Champion Program Recognizes Two of PATECCO Employees as Top Influencers and Experts

The tight partnership between PATECCO and IBM brings benefits not only for both companies and customers, but for their employees, as well. PATECCO is proud and happy to share that two of its highly qualified experts – Igor Migrić and Lars Thiemann – have been recognized as IBM Champions 2021 among 2000 nominations. IBM Champions is the largest and most representative class ever, including bringing the IBM Partner Ecosystem officially into the program for the first time.

The IBM Champion program recognizes both experts as innovative thought leaders in the technical community and rewards these contributors by amplifying their voice and increasing their sphere of influence. The program catalyzes their ongoing contributions by providing education, engagement, and opportunities.

Igor is honored to be recognized as a returning IBM Champion for providing support, mentoring and technical contribution to get the most out of the IBM solutions, especially for IBM Security Verify Governance. Lars is also nominated as an IT Professional in the area of Security, who demonstrate practical expertise in IBM technologies while providing extraordinary support and advocacy in IBM digital and local communities.

As a reward, the two distinguished IBM Champions receive IBM Champion-branded merchandise, IBM Champion digital badges, and invitations and discounts to IBM conferences. Moreover, they are highlighted online and recognized at events. As thought leaders they will be offered various speaking opportunities that enable them to raise their visibility and broaden their sphere of influence.

Questions and Answers Between IBM and PATECCO

More than an year PATECCO and IBM work on successful PAM and IGI projects together as partners. During the meetings and moments of interesting discussions both teams get to know better and find the ways to collaborate as professionals. Now PATECCO is close enough with IBM to sit together, even online, and to share some secrets and business practices.
Which are they, learn from the video interview between Lisa Unkelhäußer – IBM Security Channel Leader DACH and PATECCO’s General Manager – Volker Paetschke.
Enjoy it!

When Cloud and Identity Meet Together

Identity management gives the opportunity to a company to effectively identify, authenticate and authorise single users or groups and their access to specific information – applications, data, networks and systems. User permissions and restrictions on what the employees can access and perform are connected to created by the organisation identities, which can be controlled and configured in an efficient manner. That means that only the right people can access the right resources, at the right times, for the right reasons.

With digital transformation via cloud computing, it is possible to have flexible access to apps and data anywhere at any time, so it’s crucial that identity is on the same level as security – that is why they are so tightly linked. Every organisation should have a top-priority objective – to have the right capabilities to safeguard the new adoption of cloud technology and at the same time to protect information confidentiality in every industry. The strategic partnership between PATECCO and IBM provides the opportunity to leverage solutions that manage both.

  • Why IBM CLOUD IDENTITY?

IBM Cloud Identity helps you ensure user productivity with cloud-based features for single sign-on (SSO), multi-factor authentication and identity governance. The solution includes a variety of pre-defined connectors that allow you to quickly provide access to commonly used SaaS applications. You have the option of defining templates for integrating your own applications. Take advantage of these opportunities when securely connecting mobile workplaces e.g. in the home office.

1. Single sign-on

A major benefit of the cloud is easy access to business tools, whenever and wherever users need them. But when tools and the passwords they require begin to multiply, that benefit can turn into a hassle. Many cloud-based applications that users want, do not have built-in security and authentication features.

You can also forget about username and password problems. Your employees can access thousands of cloud-based applications (such as Microsoft Office 365, Concur, Workday, IBM Box and IBM Verse) in your company with one registration. This gives you easy access to browser, mobile and on-premises applications.

1.1 IBM Cloud Identity SSO capabilities include:

  • Thousands of prebuilt connectors to federate to popular SaaS applications
  • Prebuilt templates to help integrate legacy and on-premises applications
  • Employee-facing launchpads to access any application
  • A seamless user experience to access any application with one username and password
  • A cloud directory for organizations that don’t already have a user directory
  • The ability to sync on-premises directories like Microsoft AD for use with cloud applications
  • Support for multiple federation standards, including SAML, OAuth and OpenID Connect (OIDC)

2. Secure access through Multi-factor authentication

In addition to the user ID and password, multi-factor authentication asks for other factors in order to grant access to applications in the cloud. Depending on the sensitivity of the data, the administrator can flexibly decide to what extent this is necessary.

2.1 IBM Cloud Identity MFA capabilities include:

  • A simple user interface (UI) for defining and modifying access controls
  • One-time passcodes delivered via email, SMS or mobile push notification
  • Biometric authentication, including fingerprint, face, voice and user presence
  • Second-factor authentication for virtual private networks (VPNs)
  • The ability to use context from enterprise mobility management and malware detection solutions for risk-based authentication
  • Software development kits (SDKs) to easily integrate mobile applications with the broader access security platform
  • Risk-based user authorization and authentication policies that use:
  • Identity (groups, roles and fraud indicators)
  • Environment (geographic location, network and IP reputation)
  • Resource/action (what is being requested)
  • User behavior (location velocity

3.Optimized management of the user cycle

Optimize onboarding and offboarding of users. In addition, you can easily create guidelines for access requests via self-service – for both on-premises and cloud applications.

4.Easy access to applications with the App-Launchpad

All applications can be conveniently searched, displayed and called up from a central point. The launchpad combines all applications – both on-premises and cloud services.

IBM Cloud Identity supports users’ requirements for frictionless access to applications, business leaders’ needs to increase productivity, developers’ needs to roll out new services quickly, and IT requirements to more rapidly respond to business change.

EXPERIENCE CLOUD IDENTITY IN ACTION

See how Cloud Identity works for administrators, managers, employees and external parties in this live demo.

Info source: IBM website

The Role of Identity Governance in Security and Compliance

In the complex network of managing user rights, permissions and accounts, tracking who has access to certain resources becomes almost impossible. Every organisation is facing demands, mandates and compliance regulations while managing the access and support of many devices and systems that contain critical data. Identity Governance and Intelligence solutions help business with the ability to create and manage user accounts and access rights for individual users within the company. In this way they can more conveniently manage user provisioning, password management, access governance and identity repositories.

Why is Identity Governance Critical to Security?

Identity governance is the core of most organizations’ security and IT operations strategies. It allows businesses to provide automated access to an increasing number of technology assets and at the same to manage potential security and compliance risks. Identity governance enables and secures digital identities for all users, applications and data.

In case the identity governance is compromised, the organization is left vulnerable to security and compliance violations. Companies can solve this problem by investing in identity governance and intelligence (IGI) solutions that address the business requirements of compliance mangers, auditors and risk managers. According to our partner IBM, “IGI provides a business activity-based modelling approach that simplifies the user access and roles design, review and certification processes. With this approach, you can establish trust between IT and business managers around business activities and permissions, making workflows understandable for nontechnical users. IGI solutions enable security teams to leverage powerful analytics to make informed decisions about identity, give users the applications and the flexible data access they need, and help to ensure compliance with ever-evolving regulations.”

When we talk about managing access within the organization, a number of researches show that more than 50 percent of users have more access privileges than required for their job. In most cases the reason is bulk approvals for access requests, frequent changes in roles or departments, and not regular reviewing user access. The trouble is that too much access privilege and overprovisioning can open an organization up to insider threats and increase the risk throughout the business.

It’s necessary to make sure that users have the appropriate access and to prevent facing with insider threats. The risk could be decreased by using role-based access controls (RBAC) – this means having solid, well-defined roles in place and knowing specifically which access privileges each role needs. As organizations grow and evolve, the right IGI solution can allow for more efficient changes and decrease risk by focusing on role definitions and role assignments rather than on individual accounts. The strategy of RBAC works well to decrease the timeline in executing bulk additions where a lot of change is happening at once, like during mergers, acquisitions and corporate reorganizations.

Why is Identity Governance Critical to Compliance?

Companies today have to manage customer, vendor, and board member demands, but at the same time they also must make sure they are compliant with any number of regulations, such as GDPR, HIPAA, and SOX. The increasing number of federal regulations and industry mandates that organizations face today, leads to more auditing, compliance reviews, and reporting.

Identity Governance is a critical discipline involved in this regulation. To be GDPR compliant, organizations must ensure that the personal data they process, collect, and store is properly protected. IBM Security Identity Governance & Intelligence (IGI) can help with that process. IGI allows only the right people to access and manage GDPR-relevant data. IGI presents these people to a business manager holistically in a single pane of glass. (source: IBM) IGI solutions not only strictly control the access to sensitive information like patient records or financial data, but also enable companies to prove they are taking actions to meet compliance requirements.

Furthermore, IGI solutions make the review process easier and more effective with built-in reporting capabilities to meet relevant government and industry regulations. A good compliance program allows for frequent and multiple access reviews to take place at any given time to meet ever-increasing auditor demands without engaging numerous resources from the organization.

One of the main reasons for implementing an IGI solution, is to ensure that users only have access to the resources they need. It also makes sure that you provide appropriate access, risk mitigation and improved security posture of your organization. Unfortunately, a lot of companies today may not view this as a strategic priority and that is a prerequisite to suffer a security incident at some moment. What such companies should do, is to trust IGI solutions and their strong capabilities. See here how PATECCO IGI Solutions are the foundation for a solid Identity and Access Management program in your organization.