Introducing Six Sprints to IAM Success
14 December, 2022, by Natasha Free
Have you spent too long in the trough of disillusionment looking for a way out? Do you want to restart your journey to identity and access management maturity?
At Madigan Solutions, we spend a lot of time thinking about how we can help our customers realise the benefits of their IAM platform(s). So, we came up with the idea of providing some inspiration in the form of our new eBook: Six Sprints to IAM Success.
The purpose of the book is to help the downtrodden IAM technicians & stakeholders find some quick wins that will have them out of that trough and basking in the sunshine of better security and compliance.
When writing the book, we tried to work out what the key drivers were for re-examining your current identity & access management posture:
- Audit: “we suffered a breach and now we have to remediate a bucket-load of weaknesses”
- Risk Reduction: “we need RBAC because we have a high turnover of staff”
- Control: “we need to show the auditor that we know who has access to what and when”
- Time to market: “we need to automate and accelerate the onboarding (and offboarding) process”
- Integration: “we love M&A activities, but our IAM platforms don’t offer enough support in that arena”
- Costs: “have you seen our insurance premiums?”
If any of these are familiar, then Six Sprints to IAM Success has been written with you in mind.
The sprints are designed to help you achieve meaningful change in a two-week period. Each sprint has a warm-up to help equip you with the information you need before you start your sprint; and a cool-down to help you evaluate your sprint and prepare for Business-As-Usual greatness.
Sprint 1: Switch on Multi-Factor Authentication (MFA)
This sprint will help you to understand what you need to know to roll-out a Multi-Factor Authentication solution for a subset of users accessing some key critical assets. On successful completion you’ll be well equipped to tailor your MFA provider solution to meet your stakeholders’ requirements.
Sprint 2: Deploy password vaulting & privileged session management
Within the sprint, you will be able to deploy a PAM solution, automate the discovery of your assets, construct business processes for requesting access to privileged credentials and enable session recording for privileged access.
Sprint 3: Enable comprehensive third-party user management/governance
Do you have users that fall outside of your HR processes? Everyone does. You are in good company.
Within this sprint, you will be able to get access to a comprehensive third-party user management tool that will complement your existing identity governance and administration capabilities. Take control of those users for whom an authoritative source of identity information may not be available, once and for all.
Sprint 4: Gain deeper understanding with identity analytics & metrics
This sprint will help you define the analytics & metrics you and your stakeholders really need from your IAM solution. You will learn how to introduce mechanisms to glean more meaning from the information you already have, allowing you to better understand your risk exposure.
Sprint 5: Finally enable access requests that work for users
Identity governance programmes often achieve automation for the Joiner-Mover-Leaver (JML) process but fail to capitalise on defining roles and providing an access/entitlement request process that is consumable.
This sprint will help you better understand how you can discover the roles you are likely to have in your business, how you can publish those roles, and how those roles can be either requested or automatically assigned.
Sprint 6: Take control of risks effectively
This sprint will help you define, detect, and mitigate risks at point during authentication & authorisation events as well as account provisioning & discovery.
Quick start kits for defining risks and appropriate mitigating controls for your industry are readily available and consumable meaning your auditors and risk managers will be better informed of the risk profile of your business.
Summary
Download your copy of Six Sprints to IAM Success to find out how Madigan Solutions, in conjunction with IBM Security Verify solutions, can help you on your IAM journey.