SECURITY: identity
When the security of an organization is compromised, the means utilized to achieve the breach may have included a targeted external attack. The hackers could have employed clever social engineering techniques, or perhaps a sophisticated malware payload was delivered via email. The strategies are many, but one common goal to all of the methods is gaining access to administrative credentials, or privileged username and password combinations.
Identity theft occurs in corporate IT infrastructure all the time, and it takes the form of “cracked” user logins with if individuals with network authority.
This authentication data represents the individual’s digital identity – the way the corporate data systems recognize a unique active user for given platforms.
With a consistently growing and changing mix of data resources, devices and applications, managing numerous user identities can be a complex and difficult process. This is a necessary hurdle that cannot be overlooked by any competent IT security manager, and the challenge demands an effective solution that does negatively impact productivity.
Identity Access Management (IAM)
The primary purpose for IAM is define the unique identity of an each individual and maintain the role(s) for this user with the system(s) of the organization. Removing, adding and updating identities and associated privileges are part of the standard functionality. Most solutions will include some mix of the following components:
Multi-Factor Authentication (MFA) – a combination of credentials with other security verification methods like a token or a biometric component.
Password Management – tools to assist users maintain usernames and passwords for numerous accounts, with quick and secure access from different devices.
Single Sign On (SSO) – the ability to login only once and have this authentication carry through to several other systems, eliminating the need for repeated credentials entries.
Privileged Access Management – a system that integrates with the employee database and designates roles, policies and privileges for various system resources.
Identify the Solution
The right solution will address the need for Identity Management need without creating unwanted complexity introducing more risk. It is possible to unify access and authentication, streamlining the process while still maintain security. The goal is to decrease friction while not exposing the business to additional risk. With enhanced visibility into authentication and user activity (who is accessing what, when and where), a good IAM product will offer an integrated view into all authentication operations, improving both the end user experience and overall level of network protection.