4 July 2019
While digging around our eco system, researching what is going on and who is doing what, we came across insights that are too good not to pass on. So here goes for your reading pleasure.
“When employees move around from network to network and repeatedly swap devices, their risk characteristics change. Currently, we take a binary approach to IAM, where access is granted or denied, and it’s no longer sufficient.”
“Identity is the missing third leg on the stool with security and privacy. Neither security or privacy professionals can fully meet their challenges without digital identity because digital identity practices give assurance that authorization is correctly executed.”
“By 2020, the majority of enterprises will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from less than five percent today.”
“Hackers are still using weak credentials and identity and access management policies to gain access to systems and cause havoc.”
“While individuals can often be the weak link by creating terrible passwords or succumbing to the most basic of phishing scams, there needs to be some checks and balances in place to provide better passwords, ensure the people are who they claim to be and remove some of the burden from the end user.”
“Supervisory control and data acquisition systems have yet to catch up in terms of adequate identity and access management safeguards, increasing cyber vulnerability associated with direct and indirect remote access.”
“A combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes… CIOs may not want to hear this, but it’s time to think about a two- to three-year project to overhaul their entire IAM infrastructure.”
“While it’s not difficult to build new security approaches into new applications that reside on the cloud, the harder aspect of IAM is to extend this security model into traditional IT. Security should be consistent and systematic, which in most traditional systems, it is not.”
“It’s important to review security as identity-centric. You give a person certain roles and business roles and that changes as they move throughout the organization. In regard to access and authorization management, you must think about the identity and make sure that you have a single identity for an individual.”
“Accountably is assured with an IAM solution because accounts are created with appropriate access rights for an individual – exactly what they need to perform their jobs – not too much and not too little. Taking this further, accounts are also disabled and access rights revoked in a timely fashion when an employee leaves an organization.”
As thoughtful as those quotes are, IAM and authorization also deserve longer explanations and deeper thought. For that, you’ve come to the right place. Continue to follow us for the latest and most in-depth news on IAM.
© All Rights Reserved 2019 PlainID