Identity and access management – the process of ensuring the right people have the right access to information – should be a key component of any organization’s security infrastructure. A sound IAM approach will not only help protect your sensitive data, it will also save you time and money. However, implementation challenges such as business system complexities, lack of defined user roles and access needs, and communication gaps between IT and the business can make the process of adapting IAM feel overwhelming.
If you are struggling with identity and access management, you may be interested in my ongoing blog series about IAM. See below for a brief description of each post. I hope this series not only illustrates the benefits of an IAM program, but gives you a roadmap for how to surmount challenges with implementation.
Business System Complexities and What to Do About It
Enterprise IT has begun losing control of where sensitive data (i.e. PII, PCI, IP, etc.) resides as business systems become more complex, and businesses are now at the same time both empowered and at risk more than ever before. There is now a very obvious need for organizations that find themselves in this spot to shift focus to be less on the “thing” that accesses Enterprise data and more on the identities themselves.
Business System Complexities (Make it Easier)
There is no question that integrating current and future systems with a single end-user identity can be complex, both from a technical standpoint as well as a business process “re-engineering”. There are great solutions out in the market today that make the technical implementation easier, but how do you choose the correct one for your business?
Identity and Access Management—The Cart or the Horse?
In my experiences with identity and access management (IAM) projects, there is always a moment when you begin having a “Are we putting the cart before the horse?” conversation. This is particularly the case when you are, in parallel, having a conversation about how to “enable” IAM in the environment by either redesigning your current implementation of Windows Server Active Directory, creating or modifying organization roles and their definitions, or some combination of both. So where do you start and how will this impact the success of your project?
Role of Identity Management—Removing the Friction
With what seems like a daily stream of news related to data breaches these days, why is identity and access management (IAM) still not moved to the top of every CIO/CTO’s priority list? At West Monroe Partners, we have a concept that initiatives that remove “friction” are the ones that are most impactful and deliver the most value to an organization. IAM has enormous potential to remove friction on both the business and technology side, but organizations must understand the value.
The Evolution of Traditional Authentication
Microsoft recently announced the release of another preview feature for their Azure IaaS solution stack, Azure Active Directory Domain Services. This is a clear evolution of the way traditional Microsoft AD administrators install/configure/manage legacy Active Directory. Although there are currently some limitations, this is an exciting step toward removing the need to maintain legacy configurations and more seamlessly integrate with cloud hosted services. This post takes a look at this very basic configuration.
I hope these posts help illustrate the benefits of an identity access management program and how to surmount implementation challenges. If you have any questions about IAM or other security issues, please do not hesitate to reach out to me at firstname.lastname@example.org.