How To Create A Robust Identity Access Management Architecture - Mary Ruddy

Digital business relies on digital trust, enabled by identity and access management (IAM). It is an essential foundation of any organization’s business ecosystem. However, the dynamics of the fast-paced digital economy compel digital businesses to be more flexible than they have ever been.

Security and risk management leaders need flexibility to meet changing organizational requirements. Evolve your IAM deployments to better fit the changing needs of your organization by taking into consideration six key IAM planning trends.

<p><strong>No. 1: Connect-Anywhere Computing to Drive Need for Smarter Access Control</strong></p>
<p>The transition to more remote, connect-anywhere computing is placing greater demands on access management deployments. Access management platforms must become increasingly sophisticated to differentiate between valid users and malicious bots or fraudsters without annoying legitimate users.</p>
<p>Also, organizations need to weave support for multiple options for user and device access as well as multiple generations of digital assets into a flexible modern identity infrastructure (identity fabric).  To reduce risk, implement best practices, such as multifactor authentication (MFA), zero-standing privileges and zero-trust architecture, if these are not already fully deployed.</p>
<p>Require MFA for all privileged access and ensure that MFA vendors support all needed use cases, such as voice, biometrics, phone-as-a-token and smart cards.  In addition, leverage adaptive access control, a context-aware access control that acts to balance trust against access risk, as a key element of zero-trust architecture.</p>
<p><strong>No. 2: Secure Digital Business Needs Improved User Experience</strong></p>
<p>With the number and importance of digital interactions increasing, the bar continues to rise on providing a great total user experience.  Gartner estimates that by 2024, organizations that do so will outperform competitors by 25% in satisfaction metrics for both customer and employee experience.</p>
<p>Organizations should create a cohesive strategy for all external users (consumers, business customers and partners).  For example, align IAM priorities with both business and IT priorities, deliver an omnichannel experience, and unify customer profile data.</p>
<p>In parallel, apply a zero-trust approach to your organization’s digital supply chain by, for example, providing end-to-end security and privacy protection of customer data and other digital ecosystem resources.  In addition, empower privileged users without sacrificing security by creating an identity for remote privileged users, which authenticates them every time they intend to perform administrative tasks or privileged operations.  Then use a shared account that is controlled by a privileged access management (PAM) tool.</p>
<p><strong>No. 3: Improved Focus on Keys, Secrets, Certificates and Machines</strong></p>
<p>The surge in the number of machines and their usage in hybrid and multicloud environments is forcing organizations to reframe their IAM strategies.</p>
<p>Raise the bar on secrets, keys and certificates.  Consider establishing a fusion team that gathers requirements, provides leadership, defines ownership, lays out guidance and sets reasonable expectations.  Determine the machine identities your organization is using and categorize them into two groups: devices and workloads.  Find organizational and technical ways for your IAM teams to integrate different teams’ tools of choice.</p>
<p>In addition, as adoption of robotic process automation (RPA) is increasing rapidly, it is important to manage software robot identities and govern their access.  Start by defining best practices and guiding principles for how to integrate RPA tools into the identity fabric, and treat RPA’s software robots as another workload that needs a machine identity. </p>
<p><strong>No. 4: Leveraging Latest IAM Development Guidelines Will Be Inevitable for New Applications and APIs</strong></p>
<p>Ensure that new applications from all sources are securely developed, sourced and onboarded. To do so, implement API access control (authentication and authorization of APIs), which is a vital part of API security, together with API discovery and API threat protection. To be successful, define an API access control strategy and establish a cross-functional team that involves practitioners, such as developers, DevOps teams, cloud, security and IAM, to help establish the right guardrails and API access control guidelines.</p>
<p>In addition, the move to zero-trust strategies is placing even more pressure on having good SaaS application/tool acquisition and onboarding processes. To ensure alignment across the entire application life cycle, improve coordination between your software acquisition teams (both central and divisional) and your IAM teams.</p>
<p><strong>No. 5: Ongoing Maintenance Will Be Driven by Hybrid Cloud and Multicloud</strong></p>
<p>As organizations move more digital assets to decentralized multicloud environments and operate in a hybrid IT environment, it is critical to add mature automated compensating controls. </p>
<p>Integrate identity governance and administration (IGA), PAM and cloud infrastructure entitlement management (CIEM) solutions for consistent management and governance of identities and entitlements across all environments.  PAM and IGA integration is essential in securing and managing access to on-premises and cloud environments, where long-standing privileged accounts still exist.  CIEM offerings ensure that access to cloud infrastructure endpoints is actively controlled.  CIEM tools use analytics and machine learning to detect anomalies in account entitlements, such as dormant and excessive entitlements.</p>
<p>Creating a “single pane of glass” is not yet practical when managing identity in a multicloud environment. Instead, implement a single overarching framework for multicloud IAM that centralizes some functions but leaves room for native tools; this is both achievable and desirable.</p>
<p><strong>No. 6: IGA Functions Will Evolve to Enable Decentralized Architecture</strong></p>
<p>The accelerated pace of digitalization and cloud adoption requires more support, including for identities in hybrid IT environments, identities in multiple cloud platforms and machine identities. </p>
<p>This drives the need for evolving IGA capabilities to align with a cybersecurity mesh architecture.  This evolution involves establishing an identity fabric using a standards-based connector framework across multiple computing environments, so that the organization can answer the question of who has access to what regardless of where the resources and users are located.  Provide better management and orchestration of access policies, and use cloud identity analytics for continuous governance.</p>
<p>Identity analytics can predict what resources users have access to, see how they are using their access rights, track unusual user behavior and initiate a remediation action to address behavior anomalies, thus reducing overall risk for the organization.</p>