Hello, Bilal Alhmoud here with you,
I find it interesting that in almost every article discussing Identity and Access Management (IDMS) solutions, the operational efficiency and complexity reduction is the winner point when it comes to evaluate implementing such solutions or not. A little emphasis is given to the information protection that such solutions can provide.
“Why should I care?” if you’re an administrator, you probably heard this response one way or another out of your management members when presented with an IDMS solution, especially when you try to glorify how such systems can make your life easier as an administrator. Well, to win your management heart, you shouldn’t mistakenly make it all about you! To present the solution more clearly, it’s more appropriate to think about the IDMS system as a blueprint of a corporate office, it shows the rooms in which each person can enter, what type of keys are needed to gain access into those rooms, and what actions can be performed once a person successfully enters a room. To put it in computer language, the room will represent a file, database or an application. Keys will represent the privileges that administrators decide to hand out to every person (or user). Like this form of building security, IDMS systems are the most important form of information protection that corporate networks can use. Yet, unfortunately it’s the least used security practices and if used, it’s usually improperly implemented.
If you are a management personal, can you really afford having your employees wander through your network virtually unnoticed? Can you really accept having outside invaders to dig into your files and databases? Your sensitive information to end up as candies in your competitors’ inboxes? Trust me it’s not a science fiction, you can never imagine how far people can go to have a sneak preview of your financial or marketing plans for the future. And without proper security technologies and practices you’re just inviting everyone aboard!!
It’s fair to shed a light over other benefits an IDMS system can provide beyond the obvious security enhancements; it definitely improves the business processes and makes it much easier to share information. With such systems in place, employees as well as contractors can access the same information networks with a sense of assurance that the correct type of information is accessed when needed and only by users who need it, and it opens wide doors to have a real integrated environment which can make the idea of single sign-on to have some sense again, which you should know by now, is virtually impossible if you have incompatible systems and networks that lacks the use of standard practices.
With all this, I hope you have one question on your mind: “How do I get started?!” well, if you really want to bring order out of chaos, start with conducting an inventory of your systems, what information do you store, where to do you store it, how do you currently control the access to your systems. But be advised that this will draw some resistance from your systems administrators; they’ll tell you it’s complicated to integrate with any commercial identity management tool. Well, they are not totally wrong, it can take time, IDMS is all about having a consolidated access control. Normally this control is application-based done by fragments all over the environment, which can be a nightmare to manage. The trick is to have a central view of this access, which can be time-consuming at the early stages of implementing an IDMS system, but once in place, IDMS can automate and accelerate the process of authorizing employees against different applications. It will be the single place to create or modify accounts, as well as approve or deny access to those applications. This will make up for all the effort! Having a successful implementation of an IDMS will give you the power to implement a real time monitoring, with a power to remove any improper access. It’s all about having order again!
Bilal Alhmoud
Senior Consultant – Core Infrastructure
QME Software
