Identity Management Day is about raising awareness of the importance of identity management and securing digital identities, and sharing best practices to help organizations and consumers #beidentitysmart. As part of Identity Management Day, April 13th, 2021, we are proud to recognize individuals and organizations who are prioritizing identity management and security as Identity Management Champions.
We asked our Identity Management Champions “What is the biggest challenge facing your customers related to identity management/identity security and what one piece of advice would you give them?” Below is our fourth installment of advice from these champions. Make sure to check out the previous Identity Management Day blogs.
“The shift to the cloud has fundamentally changed the way we approach security. The security paradigm has changed and it’s critical for companies to update their strategies accordingly. An organization not only needs to inventory its person and non-person identities, as well as what they can and are doing, but needs to continuously monitor them. The once a quarter reviews are dead. Along with this, it is critical for a company to know at all times where their data is, who has access to it and what an identity does with the data. No longer is it about getting to least privilege and least access, it is about continuously staying there and getting notified whenever something changes. Companies that fail to mature their security with this paradigm shift will be left picking up the pieces after a breach.”
Eric Kedrosky, CISO and Director of Cloud Security, Sonrai Security
“Now that organizations have so many users working from home, they are facing new challenges in both access rights and authentication security.
SecurID’s advice: Take a step back now that the dust has settled a bit from 2020 and truly assess where your weaknesses lie both in granting work from home access and what data and systems your key users still need for their roles.”
Ebbonie Kirk, Account Executive, SecurID, an RSA Business
““One of the biggest challenges our customers face is wanting to simplify their identity framework and provide access to the right people, for the right things, at the right time. More specifically, enterprises are grappling with how they can solve the problem of establishing trust with remote employees who are accessing distributed SaaS and on-premise applications outside of a secure and centralized corporate network.
For organizations interested in adopting a zero-trust model, we recommend that our customers choose a strong identity provider early on and think about how it impacts the overall business lifecycle. A comprehensive identity solution will provide users with a seamless onboarding experience and deliver a high level of assurance to prove that users accessing your corporate infrastructure are who they say they are. Looking at identity management from a holistic lens can help streamline business operations, with a high degree of trust, and ensure that organizations are set up properly early on so they don’t have to face added complexities and costs later down the line as the organization grows.”
Andrew Vitollo, Sr. Solutions Engineer – Strategic Partnerships, Yubico
“The biggest challenge I’ve seen with my customers is around how to prioritize all of that identity work on their plates. Combined with the idea that they may not have their arms around every business process impacted by their identity program, this challenge can often feel overwhelming.
My recommendation is that every organization assess their identity program using the IDSA’s Best Practices using the Capability Maturity Model as a guide. The CMM provides a way to determine where you are today vs. where you want to be, while the IDSA Best Practices ensures that you’re taking a holistic view of your identity program. By presenting the output from this assessment to your security, risk, and/or identity steering committee, you’ll be able to move forward with organizational support and with an assurance that you’re focusing on those initiatives that are the most meaningful to your business.”
Jerod Brennen, Identity Strategy and Solutions Advisor, SailPoint
“One of the biggest challenges in higher education is dealing with non-standard assignment to roles and access to services. Standardized roles and service assignments are critical for automating processes during implementation.
Most projects don’t wade into those murky waters or do it well enough to lessen the inevitable activities that will require messy human interventions. What is often missing is the step of creating governance for identities, roles, and services associated with those roles. This governance is the foundation for rules that help support automation and properly manage exceptions. In the absence of governance, IT is left to fill this gap with their best understanding of how to manage roles and service assignments.
Institutions should take the time to bring together leaders with management responsibility for campus constituent groups (such as HR, Provost, Student Life) and major service owners responsible for physical and electronic access to services across the institution. With the right group you can determine major roles and services associated with each role, processes for onboarding, transitioning, and offboarding people, as well as processes for handling exceptions.”
Cathy Bates, Vice President, Vantage Technology Consulting Group
Thanks to all our Identity Management Champions! We’ll continue to share advice from this community, so stay tuned! Also check out other advice in support of Identity Management Day from the Identity Defined Security Alliance and National Cyber Security Alliance.