
5/6/2010
03:32 PM
7 Steps To Better Identity Management

Here's what you need to know about managing employee identities in this age of outsourcing and SaaS.

Download the entire May 10, 2010 issue of InformationWeek, distributed in an all-digital format as part of our Green Initiative

Managing employees' identities, passwords, and access rights has always been a challenge. And now, increased use of outsourcing and software-as-a-service offerings has further complicated things, requiring the use of federated identity management outside the corporate walls.

Setting up and managing federated IDM, which makes users' identity data portable across autonomous security domains, can be complicated and cumbersome. With distributed systems, employees around the globe, and an endless number of technologies to integrate, it's not for the faint of heart.

But if planned properly, there are significant benefits, including improved security, reduced operational overhead, lower support costs, and a better user experience. Identity management lets IT understand who users are, what applications and networks they have access to, and in most cases their job functions. It enables the complete management of an identity, versus providing an isolated view of a single account in a single system.

The key is to understand what identity management technologies are in your environment, how people interact with them, and how they all tie together. What follows are seven steps for tackling these issues and improving the control you have over your environment.

What Are You Managing?

Before you can manage user identities, step one is to know what you're managing. Your identity management approach will depend on how much you have to spend, the technologies that require identity management, and how sophisticated and comprehensive the system needs to be.

Does your company need basic user admin support, or everything from provisioning new users to single sign-on to deprovisioning of users who've left? If your company's growing, adding locations and employees, and opting for SaaS applications instead of bringing more applications in-house, then you're better off with more automation of current IDM processes than spending money to bring in new solutions.

Fully automating the provisioning and deprovisioning of employees will cut back on mistakes, provide better security, and result in fewer audit issues. You can go a step further and create templates and expiration dates for employee accounts for application and network access; that will make your auditors happy.

If your company gives system access to outsourced partners, particularly third-party developers with high turnover, then automation is critical. Too often, contractors' accounts are left active long after they leave, or new contractors use the account of the person they replaced because the access provisioning process is so painful.
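The failure modes described above (contractor accounts left active after departure, accounts reused by a replacement, accounts with no expiration date) can be checked by reconciling an authoritative roster against an account export. The following is an added example, not code from the article; the data is constructed and the field names (`owner`, `expires`, `last_login`, `end`) are assumptions rather than any real IDM product's schema.

```python
from datetime import date

# Constructed sample data. Field names are assumptions for illustration.
ROSTER = {  # authoritative HR / vendor-management record per person
    "alice": {"type": "employee", "end": None},
    "bob": {"type": "contractor", "end": date(2010, 3, 31)},
    "carol": {"type": "contractor", "end": date(2010, 9, 30)},
    "dave": {"type": "contractor", "end": date(2010, 12, 31)},
}
ACCOUNTS = [  # export from a directory or application
    {"login": "alice", "owner": "alice", "enabled": True,
     "expires": None, "last_login": date(2010, 5, 5)},
    {"login": "bob", "owner": "bob", "enabled": True,
     "expires": None, "last_login": date(2010, 5, 4)},
    {"login": "carol", "owner": "carol", "enabled": True,
     "expires": date(2010, 9, 30), "last_login": date(2010, 5, 3)},
    {"login": "dave", "owner": "dave", "enabled": True,
     "expires": None, "last_login": date(2010, 5, 1)},
    {"login": "erin", "owner": "erin", "enabled": True,
     "expires": None, "last_login": date(2010, 1, 9)},
]

def audit_accounts(roster, accounts, today):
    """Return (login, finding) pairs for enabled accounts that break policy."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue
        person = roster.get(acct["owner"])
        if person is None:  # nobody in the roster owns this account
            findings.append((acct["login"], "ORPHANED"))
            continue
        end = person["end"]
        if end is not None and end < today:
            # Owner has left but the account was never deprovisioned.
            findings.append((acct["login"], "STALE"))
            if acct["last_login"] and acct["last_login"] > end:
                # Activity after departure suggests someone else is using it.
                findings.append((acct["login"], "REUSE"))
        elif person["type"] == "contractor":
            if acct["expires"] is None:
                findings.append((acct["login"], "NO_EXPIRY"))
            elif end is not None and acct["expires"] > end:
                findings.append((acct["login"], "LATE_EXPIRY"))
    return findings

if __name__ == "__main__":
    for login, finding in audit_accounts(ROSTER, ACCOUNTS, date(2010, 5, 6)):
        print(f"{login}: {finding}")
```

Run on a schedule, the same reconciliation can drive automatic disabling instead of a report; `STALE` and `REUSE` findings are the ones to act on first.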

To read the rest of the article,
Download the May 10, 2010 issue of InformationWeek


