We help you define, implement and manage identity and access to enterprise resources
Today it is common within the same enterprise different products and solutions are used for information processing and information access. These systems are often managed independently or within operational domains. De-centralized handling of users and access rights, results in information regarding users, privileges and roles spreading across the organization in an uncontrolled manner. It is increasingly difficult to obtain a complete overview of users, privileges and roles across domains, business units and applications. It is also increasingly common users are delegated more privileges than they really need and this introduces security risks.
In practical terms users require different user accounts and passwords for different domains and applications. To keep track of usernames and passwords, users frequently use short, easy to remember passwords or document logon information on post-its. Frequently there is no consistent usage of passwords or no password policy is enforced which results in risks associated with short passwords which are easily broken or passwords which are not changed at regular intervals.
There are significant hidden costs associated with account profiles, roles and privileges which are not centrally managed, and additional costs associated with inefficient and inconsequent authentication and authorization of users. In large organizations, a significant amount of help desk activities are related to issues with user authentication and authorization issues and problems. By working in a structured and organized manner, preferably using a security policy, Identity and Access Management provides efficiency of operations, centralized management of users, privileges and roles and improved security within the enterprise as a whole.
The objective of Identity and Access Management is to determine the identity and authorization of an entity. The goals of Identity and Access Management are first to establish, beyond reasonable doubt, the identity of an entity (usually a person or application) through a process of authentication; and second to establish the authorization (privileges or access rights) of the identity to resources.
An important factor, which is appreciated by end-users, is reducing the complexity of accessing various systems, applications or resources through the use of a single username and password. By introducing Single Sign On (SSO), users only require a single username and password to obtain a user profile which determines the users access and privileges to systems, applications and resource.
To help define the scope, purpose and objectives of identity and access management within your enterprise, Cybercom offers an “Identity and Access Management Roadmap”. Cybercom has the competence and experience to lead and implement identity and access management projects. This covers all activities from the identity and access management assessment, through hands on workshops, to the implementation of the necessary processes, technical solutions based on our own or third party products to the final handover to operational support.
Would you like to know more about the Identity and Access Management focus area?
Contact Thomas Sunesson, Cybercom Sweden East, + 46 708 25 00 75.