August 8, 2016

Identity and Access Management: Passwords and Governance

By Dean Wiech

Identity and Access Management The identity and access management market continues to grow in a wide variety of industries of all sizes. As has been much discussed in many headlines, this is primarily because of three main reasons: 1) It is much more cost effective to implement than in past years; 2) Solutions can be […]

Identity and Access Management

The identity and access management market continues to grow in a wide variety of industries of all sizes. As has been much discussed in many headlines, this is primarily because of three main reasons: 1) It is much more cost effective to implement than in past years; 2) Solutions can be implemented fairly quickly, and 3) Companies have realized the great benefits IAM solutions bring to their organization.

As the IAM market continues to grow, the solutions have become more advanced to meet the changing needs of the many different organizations and the unique challenges that they face. These solutions are not just basic account creation and password management anymore. They have evolved to handle the various types of employees and industries and still continue to progress and grow.

Let’s take a look at some of the newer advancements made in the IAM market that were created to meet the needs of these industries. The following are two advancements that came directly from trends in the market.

Password management for remote employees

One newer trend is employees working remotely. Users don’t always work in the office or on the company’s network. Though they are not in the office, they encounter similar, but somewhat different, issues as employees in the office. One newer solution to a specific problem has been to make the login process for remote workers more efficient and easy. Think of an employee who is quickly trying to gain access on their smartphone or tablet. To open each application in a new tab and enter credentials is an extremely time-consuming process.

A solution that was developed to easily mitigate this issue is cloud-based single sign-on solutions. Users can easily access a portal where all applications they are authorized to access are available. They simply provide a single set of credentials for authentication and can then access their applications by simply clicking on the icon. This allows them to access their applications from anywhere that they are working, whether inside or outside of the company’s network from one place.

This is also extremely convenient for users who are using mobile devices. Many vendors offer the ability for users to download an app on their device. The app will prompt the user to enter a single set of credentials to get to the portal where they can access their applications. For users who are on the go, and use tablets or smartphones, this can be of tremendous benefit. They can access what they need, from anywhere, at any time, without having the inconvenience of authenticating to multiple applications.

While this type of solution is very convenient for remote employees, it is also helpful for many different industries. For example, in education, where students complete a large majority of their work outside of the school’s network and often use many mobile devices.

Security of access rights

Another trend and growing requirement of organizations in the last couple of years is ensuring security when it comes to access rights in the network. While security has always been a top concern, there has been an increased need to ensure the network is secure from the inside and that employees cannot access system and applications with sensitive data unless their job requires it.

This can be achieved with access governance solutions that have become more available in recent years. Access governance ensures that each employee within the organization have the correct access rights to the exact resources that they need. This is important for many reasons including for employees to efficiently perform their jobs and to keep the company’s network secure.

The company first needs to set up a model of exactly which access rights each role in the organization should have. For example, someone working as a manager in the IT department will need certain access rights to systems, applications and resources. By utilizing access governance, it can be ensured that when the account is created it is done so without accidentally making any access mistakes; either giving the employee too many rights or too few rights. This ensures that the employee receives exactly the correct rights that they need and in a timely manner.

Additional methods and modules have also been developed to further mitigate any security issues of access rights.

Reconciliation is another way to ensure absolutely correct access rights. This module compares how access rights are set up to be in the model to how they actually are and creates a report on any differences. Anything that is not accurate can then be easily corrected.

Attestation is another form of checking access and goes one step further — regular verification that everything is correct. A report is sent out to managers of a department showing their employees and their access rights requiring them to verify accuracy. For example, the marketing manager will receive a report on the access rights of everyone in the marketing department. He or she will need to review and either mark access rights for deletion, change access right directly or create a ticket in the helpdesk system to change the access right. After looking everything over the manager must give his or her final approval for the proposed set of changes to ensure that everything is correct.

These are some of the newer trends in IAM that vendors have developed to meet changing needs of organizations. But what about other trends in IAM? Will the industry continue to grow?

Of course; as trends develop so do problems and solutions in the identity and access management space. For example, for remote workers there are still issues that an IAM solution would resolve. Working in the cloud and remotely brings about unique challenges for account and password management since they are occurring outside of the company’s network. As trends change and develop, the IAM marketing will continue to transform to meet the needs of different employees and industries that utilize the solutions.

By Dean Wiech

Dean Wiech

Dean Wiech is managing director at Tools4ever US. Tools4ever supplies a variety of software products and integrated consultancy services involving identity management, such as user provisioning, role-based access control, password management, single sign on and access management solutions.
Jeff DeVerter

Charting the Course: An Interview with Rackspace’s Jeff DeVerter on AI and Cloud Innovation

Rackspace’s Jeff DeVerter on AI & Cloud Innovation In an insightful conversation with CloudTweaks, Jeff [...]
Read more

AI at the Gate: Navigating the Future of Cybersecurity with SonicWall’s Bobby Cornwell

Navigating the Future of Cybersecurity In the face of the digital age’s advancements, AI’s role [...]
Read more

Azure Free Tier vs. AWS Free Tier: Which Provides More Value?

Cloud computing has become a cornerstone for the digital transformation of businesses. From startups to [...]
Read more
Katrina Thompson

Why Zombie APIs are Such an Important Vulnerability

Zombie APIs APIs have a lifecycle, the same as anything else. They are born, they [...]
Read more

A.I. is Not All It’s Cracked Up to Be…At Least Not Yet!

Exploring AI’s Potential: The Gap Between Aspiration and Reality Recently Samsung releases its new Galaxy [...]
Read more
Metasploit-Penetration-Testing-Software-Pen-Testing-Security

Leading Cloud Vulnerability Scanners

Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn’t help with [...]
Read more

SPONSORS

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.