Try singing the theme song from the movie “There’s No Business like Show Business” in your head without it sounding like Ethel Merman. If you’re of my generation or older — a generation that remembers the incomparable singer and her signature song — it can’t be done. Business success and security are just as inextricably linked in today’s business world — you cannot have one without the other. And true security doesn’t exist if a solid solution for identity management is not in place.
However, identity management — one of if not the oldest form of security — has become increasingly complex and difficult to put in place properly. Further complicating matters are the layers of identity and access management that now exist due to multiple integrated systems, disparate identity providers, and the need to manage identities across so many business cases. Add to these, external partners who need access to data and customers who also need varying levels of access, and simple identification has become a rubix cube.
With so much at stake the show must go on. But organizations should make it their business to ensure that when the curtain opens on their identity management solution it follows a well written script. Here is a screen play in six important parts:
Scene 1 — Self-Service User Provisioning through an IT Store: Self-service user provisioning through an IT Store is the most significant innovation in identity and access management software. It grants users self-service IAM capabilities with automated user provisioning to make asset allocation, access management and the entire user provisioning process as easy as shopping online. It also allows IT staff to see and index everything they manage through a graphical ITIL service catalog.
Scene 2 — Self-Service Group Management: Offering self-service group management is a new approach to IT risk management that reassigns group identity and access management tasks to business users, eliminates group sprawl and streamlines IT compliance management reporting. The inclusion of innovative software audit controls for active directory group management and self-service group management also reduce IT cyber security risks.
Scene 3 — Anytime-Anywhere Access Certification: Providing anytime/anywhere access governance, access certification and built-in audit controls to business users allows them to approve and revoke access, delete accounts, allow exceptions, attach evidence, and send access validation audit messages related to governance risk and compliance; adding great efficiencies to compliance risk management operations.
Scene 4 —Joining IT Risk Management and Business Performance: Bringing together IT risk management with business performance management in one IT strategic plan turns security metrics into an actionable risk management solution and lets organizations easily track and manage performance metrics.
Scene 5 — Identity Intelligence Gathering: Identity intelligence lets organizations collect identity management information security metrics — including all user access‐ from across the entire enterprise including administrators, while pinpointing disabled accounts and reporting on the activities of privileged accounts.
Scene 6: Automated Password Management: Employing automated password management software guarantees identity and access management adherence an organization’s corporate password policy, while allowing for self-service active directory password resets without compromising IT cyber security. Additionally, automated password management software provides the reset password active directory audit controls needed to prevent weak passwords without over-burdening help desks.
Incorporating these scenes into a complete IAM script will ensure that your organization can “go on with the show” securely, effectively, and inexpensively for a long and successful run. Because while there’s “no business like your identity management business,” you better get rave reviews.
To learn more about Avatier’s identity management solutions watch the Gwinnett Medical Center user provisioning and password reset case customer case study.
Learn the future of identity management and how IT automation combined with self-service administration create competitive advantage. KuppingerCole’s Assignment Management — Think Beyond Access describes the IT shift from tightly controlled identity management processes to more open business user administration.