Understanding Critical Areas Should Lead To Fewer Information Security Breaches
San Ramon, CA — November 20, 2014 — Avatier, the leader in identity and access management (IAM), is warning corporate security executives to consider resource continuity and automation capabilities or run the risk of even more security breaches in 2015. In his recent blog "IT Security Continuity and Automation Saga", Ryan Ward, CISO of Avatier, stresses that along with other risk-related initiatives throughout an organization, corporations need to pay attention to these two areas.
"If IT security duties and other critical business resources are not spread across multiple resources, you could have a significant single-point- of- failure in your organization," Ward notes. "Most formalized processes covering planned absences like vacations, but these processes typically fail in during unexpected absences that happen all the time. Making sure your critical information security tasks have coverage in any situation helps avoid high-risk situations. It's something many companies just don't pay attention to."
Ward points out that automation can have both positive and negative impacts on a business. He points out that when organizations have limited resources with a high percentage of manual processes, something has to give. "In the IT security world, the "give" usually occurs in identity and access management processes," Ward adds. "The nagging tasks involved often add up quickly, take time and are easy to drop in favor of more interesting work. This is one area where automation pays off." However, he goes on to explain, automation can also have negative impacts when the solution is not managed properly or is too complex. One example he cites is poorly configured "automated" alerting systems that can interrupt information security teams so often that they literally become immune. "It's important that you spend time optimizing the tools you do have so you can respond effectively when a true incident occurs," he concludes. "An easy-to-use and well-optimized basic solution can often provide better results than an overly complex top-tier solution."
Avatier is the identity management company designed for business users. We automate and unify enterprise operations by standardizing business processes with an IT store. Our IT service catalog creates a single system of record for access requests and IT audit.
Our easily extensible identity management system lowers operational costs and provides corporate governance visibility. Avatier automates workflow and compliance reviews to reduce IT governance risks.
Founded in 1997, Avatier is headquartered in the San Francisco Bay area with offices in Chicago, Dallas, New York, Washington DC, London, Munich, Singapore, Dublin, and Sydney. Our products operate globally for customers like Marriott, DHL, Halliburton, Starbucks and hundreds more. For more information, please visit www.avatier.com and follow @Avatier on Twitter.
Direct: 1-415-963-4082 x101