Simple Question: Who has access to what?

Who has access to what?.. a simple question, but one that is not so easy to answer for a lot of companies... Companies compelled to answer this question and meet their regulatory obligations.Warehouse

Siloed IT departments, mergers and acquisitions, employee transfers, contractors hired to full time positions, and terminations can all lead to proliferation of invalid access.  Getting a handle on who has access to what is often times a difficult task that requires cross-departmental cooperation and process development to even gather the data.  Once gathered, correlation of accounts to an actual person or "subject" needs to occur, and is also not an easy task.

We often overlook the value of gathering Identity data.  In a recent face-to-face meeting with Ian Glazer of the Burton Group, he referred to this as "Identity Gold", and I completely agree.

This step is the foundation for Access Certification, Role Mining, Entitlements Management, Policy Evaluation, Identity Auditing, Provisioning, Password Management (thanks Ian) and numerous other custom services developed by our customers.

Simple Answer: Build an Identity Warehouse... next question: Is this access correct?

Posted on: Sep 03, 2008

Posted by: mhamlin

Category: Identity Management

Permanent link to this entry

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed

This blog copyright 2009 by mhamlin