The Fast Track to Regulatory Compliance: Lean, Efficient, and User-Centric Access Governance
- LANGUAGE: English DATE: Tuesday, April 09, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
How to Rapidly Clean Up Entitlements, Continuously Managing Their State, and Doing Lean Access Reviews
Various regulations mandate businesses not only to implement an IGA (Identity Governance & Administration) solution, but as part of that to regularly review their access entitlements across the entire IT landscape, starting with an initial clean-up. This can result in complex projects with multi-year initiatives on defining business roles and cumbersome access review (recertification) processes, which annoy the business users. Factually, such approaches even might fail in fulfilling the regulatory requirements, just because they never get done and used.
Alternatively, businesses can take the fast track: Focusing on efficient and lean approaches that meet the regulatory requirements, but work for the business users – approaches that make use of what business already have, be it a legacy Identity Provisioning tool or ServiceNow running as a cloud service. The target is to homogenize and correlate the as-is state of the various systems across the IT landscape and irrespective of the deployment model, identify the gaps, enforce SoD controls, deliver reports and enable recertification. That recertification must remain agile, focused on risk situations and the entitlements that have changed since the last review, based on the actual entitlements in the target systems, and done in a way that fulfills the regulatory demand. It also needs to integrate.
This can be done in a lightweight manner. It is time to rethink complex IGA approaches that try to cover everything, resulting in cumbersome, long-running projects, and consider alternative approaches that build on a combination on focused tools for rapid success.
In this webinar, we will discuss:
- The essentials of IGA: What you really need and what really works in practice
- Alternative approaches on IGA and the interplay with other services such as ITSM
- How to make Access Governance and specifically access reviews work
- How to build upon what you have, be it a legacy Identity Provisioning or ServiceNow, for delivering a rapid solution
In the first part, Martin Kuppinger, Principal Analyst at KuppingerCole, will look at the current state of IGA and specifically Access Governance and talk about lessons learned of what works and what causes problems in projects. He will further look at alternative architectures and compare these.
In the second part, Laurent Berns of Kleverware, will demonstrate an approach for a fast track solution for Access Governance that works stand-alone, in integration with existing IGA and Identity Provisioning tools, and with ServiceNow.
Kleverware provides solutions to help supervisors and managers be sure they are in compliance to standards and regulations. Post-assessment, the resulting instructions relayed by auditors (Internal Control or Account Auditors) are becoming increasingly drastic. To ensure maximum security, Kleverware IAG reduces the risks customers may encounter by providing flexible solutions.
Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect endpoints, they are by no means sufficient. Instead, Endpoint Privilege Management (EPM) solutions must be integrated to protect the systems from within.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.