All Research
Executive View
Securely governing access is increasingly important to ensure compliance as well as to defend against cyber-crime. STEALTHbits’ products provide a comprehensive set of solutions to address IT security risks covering Active Directory, Data Access Governance, Privileged Access Management, and Threat Detection.

1 Introduction

Access Governance concerns the processes and technologies for the management of access controls in IT systems. Its objectives are to ensure legitimate access to resources and data while managing the risks of illegitimate access. These risks include the theft of information, fraud through alteration of systems or data, and the subversion of IT systems (through ransomware for example). The large number of reported incidents over the last twelve months shows the need to address these issues.

Access Governance is increasingly important to manage the cyber-risks related to organizational IT systems. These risks extend beyond misuse and mistakes by insiders with legitimate access, to external cyber-attacks that often use apparently legitimate access credentials to bypass the many layers of network defences are now generally implemented by organizations. Often, the first sign that a cyber-attack is in progress is abnormal activity by a legitimate user’s account.

In addition to managing cyber risks, Access Governance is also relevant to regulatory compliance. For many industries, there are regulations that define how certain kinds of data must be acquired, stored, used and protected. These regulations range from those relating to the financial reporting of publicly listed companies, through pharmaceuticals and healthcare to manufacturing and public utilities. On top of this, the increasing number of privacy laws worldwide require stringent controls over how Personally Identifiable Information (PII) is collected and used. This brings not only CRM systems within the scope of Access Governance but also potentially Customer Identity and Access Management (CIAM) used by the organizations customers. Access Governance not only ensures compliance but also provides the evidence needed to prove compliance.

Access Governance uses a range of tools and techniques that covers several areas. KuppingerCole Advisory Note 72559, provides some Key Risk Indicators (KRI) to help organization manage and improve their approach to Access Governance. Access Governance covers:

  • Classification of applications and information
  • Identity Lifecyle Management
  • Access Management
  • Identity and Access Monitoring

Organizations should implement access governance processes using appropriate tools to cover these areas.

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Register
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use