- Editor's letterIs your identity management up to the task?
- Cover storyNew tech steers identity and access management evolution
- InfographicIoT cybersecurity: Do third parties leave you exposed?
- FeatureFitting cybersecurity frameworks into your security strategy
- ColumnFor board of directors, cybersecurity literacy is essential
- ColumnThe must-have skills for cybersecurity aren't what you think
Is your identity management up to the task?
IAM is an organization's best defense for its weakest link, end users. Make sure you're following the right framework and keeping your tools honed and ready for battle.
- Ben Cole, Executive Editor
Hackers seeking a way into enterprise IT networks continue to target what is typically the weakest link in the cybersecurity chain: end users. This has made identity management capabilities a pillar of modern companies' cybersecurity strategy, as the ability to restrict access to legitimate users based on digital identities has become essential to protecting systems and data.
An identity management frameworks help enterprises control user access to critical information. Administrators can regulate individual access to systems, networks and data based on the users' role in the enterprise. The goal is to keep vulnerable information, applications and resources safe by only allowing those with appropriate administrative duties access to them.
It is vital that company leaders remember the management part, however. The mobile workforce, cloud computing and IoT continue to disrupt businesses' IT processes. More devices and services require the development of increasingly complex frameworks outlining specific access privileges throughout the organization. Users can also include employees, customers, contractors and other third parties that need access to particular data and services, further complicating identity management.
Mismanagement of these frameworks will only increase risk to security and regulatory compliance. For example, the information included in identity and access management (IAM) tools and platforms must be secured correctly. If not, all of the companies' digital identities could be compromised. Another important element for IT pros to remember is to keep these tools updated, especially as IAM technology -- such as unified endpoint management and AI-driven authentication tactics -- continue to rapidly evolve.
When identity management is done correctly, it can go a long way to securing the enterprise data. It's not easy, of course, and will require a delicate balance and communication between the company's IAM leader, its cybersecurity team and its IAM vendors. In this issue of Information Security magazine, we'll explore real-world examples of how companies are achieving this balance and incorporating identity management capabilities to improve cybersecurity processes. Enjoy the magazine and then take this quiz; pass it and you’ll receive CPE credit.
- MicroScope – February 2021: The forecast on channel security –MicroScope
- Computer Weekly Buyer's Guide: Identity and Access Management –TechTarget ComputerWeekly.com
- Cloud IAM: Is it worth the move? –TechTarget Security
- Extended Enterprise Poses Identity and Access Management Challenges –TechTarget Security