The Fast Track to Regulatory Compliance: Lean, Efficient, and User-Centric Access Governance
- LANGUAGE: English DATE: Tuesday, April 09, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
How to Rapidly Clean Up Entitlements, Continuously Managing Their State, and Doing Lean Access Reviews
Various regulations mandate businesses not only to implement an IGA (Identity Governance & Administration) solution, but as part of that to regularly review their access entitlements across the entire IT landscape, starting with an initial clean-up. This can result in complex projects with multi-year initiatives on defining business roles and cumbersome access review (recertification) processes, which annoy the business users. Factually, such approaches even might fail in fulfilling the regulatory requirements, just because they never get done and used.
Alternatively, businesses can take the fast track: Focusing on efficient and lean approaches that meet the regulatory requirements, but work for the business users – approaches that make use of what business already have, be it a legacy Identity Provisioning tool or ServiceNow running as a cloud service. The target is to homogenize and correlate the as-is state of the various systems across the IT landscape and irrespective of the deployment model, identify the gaps, enforce SoD controls, deliver reports and enable recertification. That recertification must remain agile, focused on risk situations and the entitlements that have changed since the last review, based on the actual entitlements in the target systems, and done in a way that fulfills the regulatory demand. It also needs to integrate.
This can be done in a lightweight manner. It is time to rethink complex IGA approaches that try to cover everything, resulting in cumbersome, long-running projects, and consider alternative approaches that build on a combination on focused tools for rapid success.
In this webinar, we will discuss:
- The essentials of IGA: What you really need and what really works in practice
- Alternative approaches on IGA and the interplay with other services such as ITSM
- How to make Access Governance and specifically access reviews work
- How to build upon what you have, be it a legacy Identity Provisioning or ServiceNow, for delivering a rapid solution
In the first part, Martin Kuppinger, Principal Analyst at KuppingerCole, will look at the current state of IGA and specifically Access Governance and talk about lessons learned of what works and what causes problems in projects. He will further look at alternative architectures and compare these.
In the second part, Laurent Berns of Kleverware, will demonstrate an approach for a fast track solution for Access Governance that works stand-alone, in integration with existing IGA and Identity Provisioning tools, and with ServiceNow.
Kleverware provides solutions to help supervisors and managers be sure they are in compliance to standards and regulations. Post-assessment, the resulting instructions relayed by auditors (Internal Control or Account Auditors) are becoming increasingly drastic. To ensure maximum security, Kleverware IAG reduces the risks customers may encounter by providing flexible solutions.
Nearly all high-impact cyberattacks have a phase in which the attacker must conduct lateral movement from their initial landing point to their ultimate target. To do this, the attacker needs a combination of credentials and available connections between one system and another. This is the evasive process of “living off the land” using the connectivity native to the organization.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.