OOW Session: Who should Have Access to What , Risk = Hazard + Outrage

Risk = Hazard + Outrage. This was Peter Sandman's simple formula for executives to evaluate the risk and response to a potentially brand damaging event. With user access, the formula applies as well. If a trusted administrator gets access to the latest product specs and discloses the information to the public without consent, the hazard is financially high and the shareholder outrage is perhaps equivalently high. The net is directly equivalent to the risk of the event happening. 

So when we consider who should have access to what, different users constitute different risk.  A single administrator with root access may create a higher risk than the intern working in the mail room. The risk is directly related to the system and the data to which these individuals have access. Governing the data is directly related to how we govern the user access. 

If these topics interest you, You will want to catch Jim Taylor and Neil Gandhi at Open World in session "CON8810: Who Should have Access to What -- Better risk management with Identity Governance" . Complete list of sessions click here.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
3
4
5
6
7
8
11
12
13
15
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today