The Fast Track to Regulatory Compliance: Lean, Efficient, and User-Centric Access Governance
- LANGUAGE: English DATE: Tuesday, April 09, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Various regulations mandate businesses not only to implement an IGA (Identity Governance & Administration) solution, but as part of that to regularly review their access entitlements across the entire IT landscape, starting with an initial clean-up. This can result in complex projects with multi-year initiatives on defining business roles and cumbersome access review (recertification) processes, which annoy the business users. Factually, such approaches even might fail in fulfilling the regulatory requirements, just because they never get done and used.
Alternatively, businesses can take the fast track: Focusing on efficient and lean approaches that meet the regulatory requirements, but work for the business users – approaches that make use of what business already have, be it a legacy Identity Provisioning tool or ServiceNow running as a cloud service. The target is to homogenize and correlate the as-is state of the various systems across the IT landscape and irrespective of the deployment model, identify the gaps, enforce SoD controls, deliver reports and enable recertification. That recertification must remain agile, focused on risk situations and the entitlements that have changed since the last review, based on the actual entitlements in the target systems, and done in a way that fulfills the regulatory demand. It also needs to integrate.
This can be done in a lightweight manner. It is time to rethink complex IGA approaches that try to cover everything, resulting in cumbersome, long-running projects, and consider alternative approaches that build on a combination on focused tools for rapid success.
In this webinar, we will discuss:
- The essentials of IGA: What you really need and what really works in practice
- Alternative approaches on IGA and the interplay with other services such as ITSM
- How to make Access Governance and specifically access reviews work
- How to build upon what you have, be it a legacy Identity Provisioning or ServiceNow, for delivering a rapid solution
In the first part, Martin Kuppinger, Principal Analyst at KuppingerCole, will look at the current state of IGA and specifically Access Governance and talk about lessons learned of what works and what causes problems in projects. He will further look at alternative architectures and compare these.
In the second part, Laurent Berns of Kleverware, will demonstrate an approach for a fast track solution for Access Governance that works stand-alone, in integration with existing IGA and Identity Provisioning tools, and with ServiceNow.
Kleverware provides solutions to help supervisors and managers be sure they are in compliance to standards and regulations. Post-assessment, the resulting instructions relayed by auditors (Internal Control or Account Auditors) are becoming increasingly drastic. To ensure maximum security, Kleverware IAG reduces the risks customers may encounter by providing flexible solutions.
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.