
IAM within the framework of defence in depth


If it is deployed correctly, identity and access management is one of many complementary techniques that can help to secure enterprise IT


By Cliff Saran, Managing Editor

Published: 25 Nov 2024

IT leaders should address their internal processes to minimise their organisations’ IT security risk exposure and attack surface. This becomes ever more complex as business IT environments evolve.

Leaders need to consider not only which employees and job roles require access to which IT systems, but also non-human access: cases where an internal or external system, rather than a person, is granted access to a given IT resource.

However, as Varun Prasad, vice-president of ISACA San Francisco Chapter and an ISACA emerging trends working group member, points out, companies tend to overlook or rush through certain traditional access management processes due to the ever-increasing size and complexity of their IT landscape.

“It is important to periodically review access authorisations to all assets in the environment by appropriate management personnel,” says Prasad, adding that this should not be a “checkbox” activity but should involve a thorough evaluation of access entitlements to detect privilege creep.

Prasad believes the accounts and authorisations included in the review should go beyond those that provide access to production systems. It should also include all non-human identities and where access to source code repositories, keystores, secret vaults and datastores is needed.

Given that human error is often the main reason for cyber security incidents, Prasad recommends automating key processes such as account provisioning, deprovisioning and access reviews. Another good practice he recommends is interfacing the organisation’s centralised identity access management (IAM) platform with the corporate human resource management system, which offers a way to automate the offboarding of employees.


“The access review process should also be automated at periodic intervals to ensure all access rights are commensurate with job responsibilities,” he adds.
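The two recommendations above, a periodic review of entitlements (human and non-human) against job role, and an HR-to-IAM feed that drives deprovisioning, can be reduced to one reconciliation pass. The following is an added example, not code from the article or from ISACA: it joins a constructed HR roster (the system of record for employment status and role), a constructed per-role entitlement baseline, and a constructed IAM export, and reports leavers who still hold accounts, entitlements that exceed the role baseline, and service accounts with no active owner or an overdue review. All field names (employee_id, status, role, entitlements, owner, last_reviewed) are assumptions about what such exports would contain.

```python
"""Automated access review: reconcile an IAM export against the HR system of
record and a per-role entitlement baseline.

Added example (not the article's or ISACA's code). Every record below is
constructed inline; the field names are assumptions about HRMS/IAM exports.
"""
from datetime import date

# Constructed HR roster: who is employed, in what role, and whether still active.
HR_ROSTER = {
    "e100": {"name": "A. Patel", "status": "active", "role": "developer"},
    "e101": {"name": "B. Ortiz", "status": "active", "role": "finance_analyst"},
    "e102": {"name": "C. Nguyen", "status": "terminated", "role": "developer"},
}

# Constructed baseline: the entitlements each job role is expected to hold.
ROLE_BASELINE = {
    "developer": {"git:read", "git:write", "ci:run"},
    "finance_analyst": {"erp:read", "erp:post_journal"},
}

# Constructed IAM export covering human accounts and non-human identities (NHIs).
IAM_ACCOUNTS = [
    {"account": "apatel", "employee_id": "e100", "type": "human",
     "entitlements": {"git:read", "git:write", "ci:run", "prod-db:admin"}},
    {"account": "bortiz", "employee_id": "e101", "type": "human",
     "entitlements": {"erp:read", "erp:post_journal"}},
    {"account": "cnguyen", "employee_id": "e102", "type": "human",
     "entitlements": {"git:read", "git:write"}},
    {"account": "svc-deploy", "employee_id": None, "type": "service", "owner": "e100",
     "entitlements": {"vault:read", "prod-db:admin"}, "last_reviewed": date(2023, 1, 15)},
    {"account": "svc-legacy-etl", "employee_id": None, "type": "service", "owner": None,
     "entitlements": {"datastore:read"}, "last_reviewed": None},
]

REVIEW_DATE = date(2024, 11, 25)  # constructed date of this review pass


def find_offboarding_gaps(iam_accounts, hr_roster):
    """Human accounts whose HR record is terminated or missing. An HR-driven
    deprovisioning feed should have removed these; any hit is a control failure."""
    gaps = []
    for acct in iam_accounts:
        if acct["type"] != "human":
            continue
        record = hr_roster.get(acct["employee_id"])
        if record is None or record["status"] != "active":
            gaps.append(acct["account"])
    return sorted(gaps)


def find_privilege_creep(iam_accounts, hr_roster, role_baseline):
    """For active humans, entitlements beyond the baseline for their HR role.
    Each hit is a candidate for revocation or for a documented exception."""
    creep = {}
    for acct in iam_accounts:
        if acct["type"] != "human":
            continue
        record = hr_roster.get(acct["employee_id"])
        if record is None or record["status"] != "active":
            continue  # leavers are reported by find_offboarding_gaps instead
        excess = acct["entitlements"] - role_baseline.get(record["role"], set())
        if excess:
            creep[acct["account"]] = excess
    return creep


def find_nhi_issues(iam_accounts, hr_roster, review_date, max_review_age_days=90):
    """Non-human identities need an active human owner and a recent review,
    especially when they reach vaults, repositories or datastores."""
    issues = {}
    for acct in iam_accounts:
        if acct["type"] == "human":
            continue
        reasons = []
        owner = hr_roster.get(acct.get("owner"))
        if owner is None or owner["status"] != "active":
            reasons.append("no active owner")
        last = acct.get("last_reviewed")
        if last is None or (review_date - last).days > max_review_age_days:
            reasons.append("review overdue")
        if reasons:
            issues[acct["account"]] = reasons
    return issues


def run_access_review(iam_accounts, hr_roster, role_baseline, review_date):
    """One scheduled review pass. In practice the findings are routed to the
    account's manager or NHI owner for attestation rather than revoked blindly."""
    return {
        "offboarding_gaps": find_offboarding_gaps(iam_accounts, hr_roster),
        "privilege_creep": find_privilege_creep(iam_accounts, hr_roster, role_baseline),
        "nhi_issues": find_nhi_issues(iam_accounts, hr_roster, review_date),
    }


if __name__ == "__main__":
    for section, findings in run_access_review(
            IAM_ACCOUNTS, HR_ROSTER, ROLE_BASELINE, REVIEW_DATE).items():
        print(f"{section}: {findings}")
```

Run on the constructed data, the pass flags the terminated employee's surviving account, the developer holding `prod-db:admin` outside the role baseline, the deployment service account whose last review is over a year old, and the legacy ETL identity with no owner at all. Scheduling this against live exports, with the HR roster as the authority for status and role, is the automation Prasad describes; the hard part in production is agreeing the role baseline, not the reconciliation itself.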

While social engineering is a well-understood attack vector for stealing someone’s password, Prasad notes that analysis of recent cyber attack patterns shows that by using phishing and social engineering, cyber attackers are also able to steal the unique codes generated to access systems that use multifactor

