Identity and Access Management Services
With the prevalence of cloud as well as common themes such as collaboration, federation and syndication, Identity and Access Management more than ever before is of increased relevance to organisations.
The accelerated externalisation of business processes, functions, information and data leads to organisations embarking on their Identity and Access Management journeys as a matter of priority and urgency.
We have successfully helped several of our customers with the evolution of their IAAM journeys. Externalisation often results in a fundamental shift from a typical goal of network and information security. Instead of focusing solely on keeping potential intruders out, organisations must focus on letting host of users in – but in a highly controlled and selective way. This can be achieved by implementing a business-driven framework for security to offer granular access management. From our experience the following guiding principles must be considered for IAAM implementations:
Accessibility must be ubiquitous so that anyone can access the resources they need from different digital channels. This includes anytime, anywhere secure access from a variety of interfaces.
The implementation should accommodate a variety of different authentication methods which can be applied on a flexible per-role or per-resource basis. It should be able to check the security posture of the device before allowing authentication.
Access Privilege Management
The implementation should enforce granular controls for all applications, including on-premise, off-premise and hybrid portals and solutions. The varying levels of trust for networks, user accounts and devices have to be considered. Policy management and enforcement must be dynamic, to accommodate changing user environments and changing business rules. The framework must be flexible, so that the enterprises can enable policy management using the model that benefits that best needs as they emerge.
The implementation must be robust, providing hardware, OS, and application hardening against the growing spread of Internet-launched worms and viruses. To be cost-effective, the IAAM implementations should provide a security and system hardening without excessive manual software patching and administration. Security should be extended to ensure that the end point, the network and user are secure and free from viruses, malware, from the beginning of each session and continuously throughout their entire session. Continuous security checks of the endpoint, network and user protect against malicious attacks, both intentional and unintentional.
Streamlined User Experience
Ease of use is imperative to serve any user. Single sign-on capabilities are to be considered, both for user convenience to limit help desk calls generated by the user having to remember a myriad of different passwords. Customisable User Interface (UI) capabilities will allow organisations provide consistent user experience and flow.