Getting Schooled on Access Management Software

Getting Schooled on Access Management Software

Graduate to access management innovation.

The incident is still under investigation, so school and law enforcement officials have yet to reveal whether this was a case of insider or external exploits. If it was internal, the breach once again underscores the necessity of a reliable identity access management software and brings into focus once again the need for improved information security management across all environments. If it turns out that the computer was in the hands of a former employee it emphasizes the need for a robust IT risk management certification program including implementing systems that automatically shut off access when someone leaves the organization.

Lessons Learned

An old African proverb states, “When there is no enemy within, the enemies outside cannot hurt you”. Unfortunately groups worldwide fail to take this proverb to heart as many organizations in both the private and public sector over the past few years have been taken to task for having failed to secure their information from inside the company.

Identity access management software has become extremely complex in this decade alone. As computing environments have become more distributed, devices have proliferated, and enterprise information, whether on premise, or cloud-based have exploded. The protocols, tools, and cyber security audit controls to manage all of the complexity have also increased dramatically. Delivering the basic tenets of confidentiality, integrity and availability have become a nightmare.

The effect is an exponential increase in the number and variety of user identification, authentication, and access governance—many of which fall outside of direct IT control, but all of which can lead to loss of security.

Graduating to Identity and Access Management Innovation

Attempts to solve the problem have spawned homegrown identity management applications each designed to alleviate a small part of the problem. They in turn have given way to monolithic applications with all the simplicity of a Rubik’s Cube. In the end, all of this development has left a trail of unfinished, severely under-performing, and expensive to maintain identity and access management software that take more time and resources away from the IT department they were initially designed to help while increasing your cyber security exposure and risks.

An innovative way to look at the problem is to break the multiple functions of identity and access management software into a series of discrete application that are limited in their breadth, but which are more focused on their depth of control. By breaking identity and access management into discrete disciplines, organizations have a better chance of actually seeing a project completed successfully.

This move toward separating identity and access management software into independent practices or process disciplines is reflected by an increasing number of IT cyber security tools and technologies focused at those individual practices. Task initiation is distributed to both end users and team managers to increase accountability at the same time as increasing efficiency and auditability. This enables IT to strengthen tools and audit control technologies as business drives process and accountability and lays the foundation for both modern service management and up to date regulatory compliance and standards conformance.

The first step in this process is to increase cyber security at the point of identity verification, ensuring enterprise password management security through periodic, automatic and systemic changes and updates. For many companies increasing password strength according to corporate policy needs to be augmented with supplementary identity verification technologies such as biometric and token-based user validation—common access technologies for newer devices.

Unauthorized access from one rogue computer can’t always be solved by putting just one solution in place.  It’s a tough lesson for the Eugene School District to learn but also a reminder to everyone that defense in depth has become a critical part of risk management.

Follow Ryan Ward, Avatier Chief Innovation Officer and Chief Information Security Officer, on Twitter at https://twitter.com/ryawarr

Watch the video introducing Identity Enforcer, the world’s first IT store for self-service user provisioning, access provisioning, and asset management through a revolutionary IT store.

BP_identity-management Get a Free Copy of the Top 10 Identity Management Best Practices Workbook

Begin your identity management initiative by following what corporate compliance experts recommend for the workflow automation of businesses processes, self-service administration and IT operations.

Request the Workbook

Written by Ryan Ward

Ryan Ward is CISO at Avatier, responsible for security initiatives as well as strategic direction of IAM and security products. A sixteen-year veteran of the security industry, Ward comes to Avatier after five years with MillerCoors where he served as Enterprise Security Manager of the brewing company and USA Information Security Officer for the public company SABMiller. In those positions Ward was responsible for all Information Security initiatives for MillerCoors. Prior to MillerCoors, he served as Senior Information Security Leader at Perot Systems while supporting the Wolters Kluwer account. He previously held the position of Vice President of Information Systems for Allscripts. Ryan is also a Certified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP).