The Fast Track to Regulatory Compliance: Lean, Efficient, and User-Centric Access Governance
- LANGUAGE: English DATE: Tuesday, April 09, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Various regulations mandate businesses not only to implement an IGA (Identity Governance & Administration) solution, but as part of that to regularly review their access entitlements across the entire IT landscape, starting with an initial clean-up. This can result in complex projects with multi-year initiatives on defining business roles and cumbersome access review (recertification) processes, which annoy the business users. Factually, such approaches even might fail in fulfilling the regulatory requirements, just because they never get done and used.
Alternatively, businesses can take the fast track: Focusing on efficient and lean approaches that meet the regulatory requirements, but work for the business users – approaches that make use of what business already have, be it a legacy Identity Provisioning tool or ServiceNow running as a cloud service. The target is to homogenize and correlate the as-is state of the various systems across the IT landscape and irrespective of the deployment model, identify the gaps, enforce SoD controls, deliver reports and enable recertification. That recertification must remain agile, focused on risk situations and the entitlements that have changed since the last review, based on the actual entitlements in the target systems, and done in a way that fulfills the regulatory demand. It also needs to integrate.
This can be done in a lightweight manner. It is time to rethink complex IGA approaches that try to cover everything, resulting in cumbersome, long-running projects, and consider alternative approaches that build on a combination on focused tools for rapid success.
In this webinar, we will discuss:
- The essentials of IGA: What you really need and what really works in practice
- Alternative approaches on IGA and the interplay with other services such as ITSM
- How to make Access Governance and specifically access reviews work
- How to build upon what you have, be it a legacy Identity Provisioning or ServiceNow, for delivering a rapid solution
In the first part, Martin Kuppinger, Principal Analyst at KuppingerCole, will look at the current state of IGA and specifically Access Governance and talk about lessons learned of what works and what causes problems in projects. He will further look at alternative architectures and compare these.
In the second part, Laurent Berns of Kleverware, will demonstrate an approach for a fast track solution for Access Governance that works stand-alone, in integration with existing IGA and Identity Provisioning tools, and with ServiceNow.
Kleverware provides solutions to help supervisors and managers be sure they are in compliance to standards and regulations. Post-assessment, the resulting instructions relayed by auditors (Internal Control or Account Auditors) are becoming increasingly drastic. To ensure maximum security, Kleverware IAG reduces the risks customers may encounter by providing flexible solutions.
Cloud computing and mobile workforces have resulted in an expanding attack surface and a complex web of identify information. This means that traditional perimeter-based security models are no longer effective. A Zero Trust model of strict access control for every user and device enables businesses to be connected and secure, but an effective identity-focused approach is essential.