Identity and Access Management
Digital Transformation used to mean just being online as a company; now it’s the buzzword for leveraging all those other buzzwordy Cloud things like SaaS and containers. The bottom line is that the Cloud is here to stay and, as a result, company assets outside of the company network continue to grow while what’s inside the company network and behind the firewall continues to shrink.
How do we protect those assets we no longer have direct control of?
Castle Fortress Mindset
The idea of a business protecting its assets (castle) behind an internal network (moat) and only allowing access through a firewall (drawbridge) is the familiar model we’ve had for decades. As the business grows, the castle gets larger, the drawbridge gets more traffic, and it’s not as easy as it used to be to understand who is inside the courtyard, or worse, already in the castle. But are all of the critical assets inside the fortress?
Once besieged, the realization sets in that more critical assets (food) are outside the moat than inside.
So what’s a proper potentate to do?
The smart sovereign worries less about where the people are and enacts processes and procedures to be sure of who everyone is.
Pillars of Identity and Access Management
Assets
In the end it’s all data, but that data can live in many places:
- applications
- databases
- files
Identities
Where are your identities kept? Enable a single “source of truth” for employees and non-employees.
- Human Resources system
- Active Directory
- Azure Active Directory
Governance
Governance is where policy and action intersect. Who has access and is that access appropriate?
- process controls and policy
- least-privilege access
- Access Reviews
- timely offboarding
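
The three pillars meet in a periodic access review. The Python below is an added example, not part of the original article: it reconciles a constructed HR export (the source of truth) against a constructed directory export and flags orphaned accounts, overdue offboarding, and group memberships beyond a role baseline. All field names, roles, groups and dates are assumptions made for illustration.

```python
from datetime import date

# Constructed sample data; field names and values are assumptions for illustration.
HR = {  # source of truth, keyed by employee id
    "E100": {"role": "engineer", "end_date": None},
    "E101": {"role": "finance", "end_date": date(2024, 3, 1)},
    "C200": {"role": "contractor", "end_date": None},
}
ROLE_BASELINE = {  # groups each role is expected to hold (least privilege)
    "engineer": {"vpn", "source-control"},
    "finance": {"vpn", "erp"},
    "contractor": {"vpn"},
}
ACCOUNTS = [  # directory export
    {"name": "alice", "employee_id": "E100", "enabled": True, "groups": {"vpn", "source-control"}},
    {"name": "bob", "employee_id": "E101", "enabled": True, "groups": {"vpn", "erp"}},
    {"name": "carol", "employee_id": "C200", "enabled": True, "groups": {"vpn", "domain-admins"}},
    {"name": "svc-old", "employee_id": None, "enabled": True, "groups": {"erp"}},
    {"name": "dave", "employee_id": "E999", "enabled": False, "groups": set()},
]

def access_review(hr, baseline, accounts, today):
    """Return sorted (account, finding) tuples for enabled accounts."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled; out of scope for this review
        person = hr.get(acct["employee_id"])
        if person is None:
            # Enabled account that no HR record vouches for
            findings.append((acct["name"], "orphaned: no HR record"))
            continue
        end = person["end_date"]
        if end is not None and end < today:
            overdue = (today - end).days
            findings.append((acct["name"], f"offboarding overdue by {overdue} days"))
            continue
        # Groups held beyond what the role baseline allows
        excess = acct["groups"] - baseline.get(person["role"], set())
        if excess:
            findings.append((acct["name"], "excess groups: " + ", ".join(sorted(excess))))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in access_review(HR, ROLE_BASELINE, ACCOUNTS, date(2024, 3, 15)):
        print(f"{name}: {finding}")
```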