Financial Topics for Review, Discussion & Comment in the Blog
« Following the Golden Goose or Creating a Golden Egg?Risky and yet so Very Rewarding »

Identity Management: Collaborative and Continuous

  01/11/10 07:31, by Len, Categories: Personal Financial Management, Risk Management

Source: Article by Mark Dunn, Director of Risk Management

We all like to think of ourselves as individuals – unique, one of a kind. With identity fraud on the increase, however, unless you safeguard your company's financial information religiously, you're bound to discover a whole new team of invisible employees who love using the company credit card. Worse still, give an identity fraudster access to company information and you might suddenly find competitors benefiting from highly “confidential” data. Putting a comprehensive identity and access management strategy in place is thus critical for any business…

For identity management to work and be truly effective in your company, it needs to be both collaborative and dynamic. This is because identity management has evolved from merely knowing who someone is, to controlling what they can do in your company, as well as where and when they can do it. As such, your company's identity management processes and systems have everything to do with allowing some people in, and keeping others out – hence the development of Identity and Access Management (IAM).
IAM is built on the premise of streamlining and simplifying the administration of access. It thus comprises the processes and technologies you choose to put in place to manage the digital identities of your employees, and control how these identities can be used to access data and information. In an ideal world, employee identities would be synchronised across all your systems, and your company would have an automated process for “issuing” these and discontinuing access as soon as employment is terminated. Sadly this does not correspond with the reality in most companies. What we typically see in the marketplace is how companies leave themselves vulnerable to fraudsters both within and without the company. This is usually due to a lack of policy and subsequent strategy when it comes to IAM – and a misconception as to who is responsible for this.

Companies need to realise that identity management is not a simple IT issue, but rather a business one. It extends well beyond giving a new employee a user name and password on a “post-it”. While technology will enable identity management, business has to guide this relative to operations. It thus needs to be integrated into the business process and managed from the top. If it isn't management driven it won't happen properly.

The starting point for your company's IAM systems and processes thus needs to be management's defining basic principles and then translating these into policy. Procedures and guidelines will be derived from these – which your technical team can then set about implementing using available technology. That being said, these need to revised and updated on a regular basis; revisiting systems that aren't working and strengthening those that do.

One of the most critical (and generally neglected) elements of your identity and access management strategy is that of communicating it to your employees and getting their co-operation and buy-in. By alerting them to the dangers of identity theft – and its potential implications and impact on both themselves and the company – employees will become active participants in and contributors to your strategy. In this way you will encourage and promote a safer, more secure working environment that protects not only your critical information, but also your employees themselves.

Instead of seeing Identity Access Management as a necessary evil then, companies should rather view it as an opportunity to manage and protect valuable resources more effectively. By putting comprehensive, collaborative processes in place and updating these on a continuous basis, you'll soon find that you not only know who is doing what where, but also have a real means of improving the IT security, knowledge and systems management of your organisation.

November 2017
Sun Mon Tue Wed Thu Fri Sat
 << <   > >>
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30    
Go to www.factualfin.com

Search

  XML Feeds

powered by b2evolution free blog software