How to Discover User Personas

Identifying user personas is a simple iterative process in which questions are asked to find differences between groups of users that may cause a different user experience or require special handling. What that difference is does not matter; its importance is only decided once it is applied to a project.

How to Make IAM Projects Successful

Identity projects and products are very mature, and it is therefore very easy to be lulled into the assumption that a product will meet all the requirements of an organisation. Only during installation and configuration is it realised that a product or solution will not solve all the issues. At this stage it is complicated and expensive to correct them.

What the Santander and TicketMaster hacks teach us.

Whilst the exact cause of the hacks has not been released officially, there are a number of clues from press releases that hint at the causes. Unfortunately, it is the same old, same old. Hackers took advantage of long-known weaknesses, ones that can be easily addressed: a poor leavers process, too high a privilege for internal users and, finally, a poor shared security model.

What is a Zombie or an Orphan Account

It is surprising to many people that these terms mean the same thing, especially when you consider the day-to-day meaning of the two terms. An orphan conjures up an image of a poor child and invokes an emotional outpouring of love and sympathy. Zombies, on the other hand, are un-dead creatures that invoke emotions of fear and terror.

Why IAM Projects Fail

Failure can be a strong word, and one that can often send people to see a psychiatrist in a flood of tears. In a professional context, we like to refer to it as “something we learn from”. If that is the case, why do most IAM projects fail to meet their original goals, despite vendors, consultants, implementation providers and organisations all having lots of “learning experiences” over the decades that IAM has been around?

The Fundamentals of IAM Automation

Automation is not often considered to be a fundamental part of an IAM solution, but removing manual processes in the JML and Access Requests brings several important benefits.
Security is improved, as automation ensures greater accuracy and can alleviate human errors. User experience is improved, as users are not waiting around for their access. Both have cost benefits by reducing the number of IT technicians and downtime for a user.

The Fundamentals of IAM Authorisation

Authorisation should be considered a separate and distinct set of functionalities compared to authentication. Modern platforms blur the two together, but just because a user is authentic it doesn’t mean they should have access to everything.

Fundamentals of IAM Auditing

Auditing should not be viewed as a necessary evil to satisfy compliance, or invoke memories of nervous discomfort waiting for the teacher’s mark. People with higher privileges may feel unduly scrutinised by having their sessions captured, but these sessions can help in training and diagnostics work.

The Fundamentals of an IAM Architecture

Architecture may not be considered a fundamental part of an IAM solution. Functionality-wise that may be true; however, a good architecture will ensure an effective solution. Over and above the typical architecture considerations of resilience, security, performance, and maintainability, additional thought has to be given to IAM-specific functionality.