tag:blogger.com,1999:blog-21995415.post5539550664257962926..comments2024-02-01T11:08:01.659-05:00Comments on Matt Flynn: Information Security | Identity & Access Mgmt.: Identity OfficerMatt Flynnhttp://www.blogger.com/profile/09902381553517250020noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-21995415.post-47622793404021873582013-07-02T10:42:56.014-04:002013-07-02T10:42:56.014-04:00Matt,
Good points, and not just because you refer...Matt,<br /><br />Good points, and not just because you referenced me! :)<br /><br />Between Access Management, Security, User Provisioning, Compliance, Certification, Federation and all of the other issues in today's IDM/IAM space, the Identity Officer makes more sense than ever. Adding in new standards and SSO methodologies that will only blur the line between one's personal, business and other forms of identity will only make this more complicated.Matt Pollicovehttps://www.blogger.com/profile/11479416427404291100noreply@blogger.comtag:blogger.com,1999:blog-21995415.post-48337316430432839182013-07-02T10:27:01.886-04:002013-07-02T10:27:01.886-04:00BTW, an Identity Officer could improve security as...BTW, an Identity Officer could improve security as well. Because identity data is so sensitive, the number of identity data stores should be as few as possible. Data should be redacted when appropriate and only exposed as-needed. Non-production systems should only use masked data. And identity data stores should be protected with encryption, internal access controls, etc. Encryption solutions typically have a master key that needs to be owned by someone. The Identity Officer role could own the keys and manage policies that restrict access to identity data even to the teams that build and manage the IAM systems.Matt Flynnhttps://www.blogger.com/profile/09902381553517250020noreply@blogger.com