Identity and access management policies
In many cases, adding personnel accounts and application is tedious, and involves inputting information about a new hire by hand, which could take days in some instances. Even then, some users may not have access to the applications they need, and often will have to log in using a colleague’s name and password while access was requested, cleared and granted. This is a huge security black hole for the enterprise. Implementing identity and access management software is a security process improvement that is essential in today’s corporate environment.
Identity and access management can also play a role in compliance issues. Using the native tools, all the audits involve the manual process of finding out who had access to what? Who authorized that access? When was it authorized? When was the last time they reset their password? Using an identity and access management application like the Active Directory Manager or the Active Directory Reporter will vastly improve and automate your audit process.
You may think a departed employee is gone forever, but if your organization doesn’t have a comprehensive identity and access management plan, you may be in trouble. Disabling user accounts during the employee termination process is a gaping flaw in most companies. Weeks, months and even years after an employee has left you can still see their names and personal information floating around. Compounding this security breach is the fact that in some cases, former employees’ accounts are still active. This access crisis can also happen when an employee changes jobs within the same company, but retains access to applications and information that isn’t appropriate for their new job anymore. If an identity and access management policy is too lax, it can create data loss and security breaches, and if the policy is too strict, employees who need access will simply find a way around it and defy the set policy.
If you’d like to talk more about the identity and access management policies in place at your company, please contact us directly.
Leave a Reply
Want to join the discussion?Feel free to contribute!