recently released a report documenting the trend toward businesses adopting
a more platform centric view of Identity and Access Management - noting that
companies can save up to 48% by deploying solutions that are part of an
integrated platform vs. deploying and integrating point solutions from different
a copy on our website.
Security Is About
In Identity Management, security is a
question of how quickly we can adapt and change. When an employee changes job
roles or separates from the company, the latency of changing the employee's
access to applications is the window of risk exposure. If a hacker is attacking
your system, the latency of detecting the hacker and preventing the attack is
the window of risk.
Analogy - if I go outside to
pick up the mail and leave my front door open for five minutes, the chances are
my TV is still in my home when I return. If I go to Aruba on vacation for a week
and leave my front door open most likely my TV is gone. The key difference is
the latency. The faster I close the door ,when I no longer need it open or when
I am no longer monitoring it, the more secure my TV will be. In Redwood City I
can probably keep my door wide open for a day or more without my TV
disappearing. Lets say I am in Manhattan. If I leave my door wide open for one
day, I may lose my TV. The difference between Redwood City and Manhattan is the
velocity and volume of the potential threats. In Manhattan I need low latency
change. In Redwood City, I can probably go a little longer without closing my
door. In Manhattan there is just a larger volume of traffic that can
potentially walk into my place if I leave the door open.
To connect the analogy, organizations
today are providing more remote access to partners, customers and employees. At
the same time the volume of applications has risen. The business enterprise is
now living in Manhattan and leaving lots of doors open. The processes to change
access control via help desks, determine appropriate level of access, enforce
separation of duties and monitor user behavior are not integrated enough to keep
up with the velocity of the threats. Here are a few examples:
- Employee Job Change -
Organizations use ticketing systems to have user access changed. The reality is
that the help desk is taking these requests by the thousands and it takes days
or weeks to make access control changes.
- Employee Separation -
Organizations depend on application administrators to remove dormant accounts
and reconcile which users are no longer with the company before terminating
access. The reality is that there are thousands of accounts and the application
administrators do not have a way to truly certify a user's access or account.
- Re-mediating Employee
Certification Reviews - Organizations depend on managers to certify their
employee access without providing the context information necessary for managers
to make the right decision. The reality is that many managers are blindly
certifying user access because the task of verifying user access is too
Bottom Line: Quicker access change
control to portal applications and better prevention of SOD conflict to ERP
systems makes the enterprise a safer place.
We have to reduce latency of access
change as the velocity of the threat increases. An integrated platform minimizes
the latency of change across all applications so enterprises can adapt to the
velocity of threats.
Don't miss the upcoming webcast on Analyzing the Identity "Platform" versus "Point Solution" Approach on Sept 15, 2011, 10 AM PST. Register today.