Friday, June 29

Filling the Gap in Identity and Access Governance

Identity and Access Management: Filling the Gap in Identity and Access Governance

Traditional identity solutions focus on access to applications, but that misses as much as 80 percent of corporate data.

We’ve entered the age of access governance. Organizations need to know who has access to what data and how they were granted that access. Identity and Access Governance (IAG) solutions address these issues while managing enterprise access. They provide visibility into access, policy and role management, and risk assessment—and they facilitate periodic entitlement reviews of access across numerous systems. Most enterprise IAG solutions are missing a key piece to the puzzle, though: unstructured data.

[Read the full article in TechNet Magazine]

1 comment:

ich said...

Hey Matt

Nice article. Due to the fact that it's posted in the Technet Magazine it's related onyl to Active Directory, but overall it applies also to environments driven by other directory services such as OpenLdap or whatever. The challenge stays the same.

I like the 6 step model into Access Governance, but at the end it opens up the following questions:
1) How are user account provisioned to access granting roles in out of an controled environment?
2) How would the provisioning process itself fit into the governance piece?

I think the answer is pretty simple: You'll need an deep integration of IAG and IAM to achieve the long term goals forcing IAG projects.