Identity management is finding its allure in biometrics, but effectiveness remains questionable, according to Kevin Cunningham of SailPoint.
In today's digital landscape, the importance of a robust Identity and Access Management (IAM) program cannot be overstated. As enterprises grapple with the ever-expanding universe of applications, ranging from mobile devices to cloud and Software as a Service (SaaS) solutions, IAM has emerged as a high-level priority.
A modern IAM program is built upon four key components: Identity Management (IdM), Access Management, Access Governance and Monitoring, and Privileged Access Management (PAM).
- Identity Management (IdM): Establishing and maintaining digital identities for all users and systems is the foundation of IAM. This includes onboarding, role assignment, profile data storage, and account deactivation. Authentication methods such as passwords, biometrics, and digital certificates verify identities to establish trust before access.
- Access Management: Once identities are verified, access management comes into play. This governs user activities, enforcing access controls based on predefined roles and policies, enabling Single Sign-On (SSO) for user convenience, and implementing Multi-Factor Authentication (MFA) for enhanced security. Support for identity federation protocols like OAuth, SAML, and OpenID Connect (OIDC) is critical for integration with external systems and cross-domain access.
- Access Governance and Monitoring: Ensuring ongoing compliance with corporate policies and regulations is crucial. This involves periodic entitlement reviews, access certifications, and audit logging. Together, these provide visibility into user access patterns, help detect abnormal behaviours, and support incident response and compliance reporting.
- Privileged Access Management (PAM): Securing accounts with elevated privileges (e.g., administrators) is paramount. PAM includes secure credential vaulting, real-time session monitoring, and just-in-time access controls to minimise the attack surface and damage potential during breaches.
Implementation strategies typically involve User Lifecycle Management, adopting Zero Trust Principles, technology integration, robust authentication mechanisms, continuous monitoring and auditing, and privileged access controls.
However, it's important to note that technology is just one piece of the puzzle in defending against cyber attacks. The people and process element seems to be the bigger struggle, with many organisations requiring a complete culture shift. An effective and mature enterprise-class IAM program is now viewed as an ongoing program with its own budget and staff due to the never-ending nature of managing access.
The lack of a good IAM program can directly result in data breaches. 2014 was widely described as 'the year of the data breach', and 2015 does not look to be any less prolific. Many well-publicized data breaches can be traced back to a lack of visibility and control, either from insiders abusing privileges or external hackers hijacking dormant accounts.
As we move forward, we will not see an IDaaS-only world, but we will see a significant tipping point towards the adoption of IDaaS solutions in the enterprise. IAM touches many different areas of a company, so having good processes in place is very important to allow collaboration across an organisation - across business and IT.
In conclusion, a robust IAM framework enhances security, enables compliance, and improves operational efficiency across the enterprise. Audit committees are alerted whenever there is a deficiency in IAM, and it is a very hot topic within enterprises. The IAM market is the hottest it's ever been due to the dispersed security perimeter brought about by mobile and SaaS apps, which have created numerous new access points. A good IAM program will improve the journey because it can make you faster in the areas that usually slow you down. Organisations often have to deal with a diverse set of resources that require pulling information from different types of applications, and consolidating individual usernames into a single identity can be a challenge. But with the right strategies and tools, these challenges can be overcome, ensuring a secure and efficient digital future for businesses everywhere.
- The integration of IAM solutions in the enterprise, such as Identity as a Service (IDaaS), can streamline the process of managing identities, access, and authentication across diverse business and technology landscapes, thereby improving operational efficiency in the finance and business sectors.
- As enterprises continue to adopt cloud, mobile, and SaaS solutions, a comprehensive and robust IAM program becomes more critical for protecting sensitive financial data from cyber attacks; in many cases, data breaches can be traced back to insufficient IAM practices.