Access Governance Vulnerabilities
Facebook Twitter LinkedIn

Access Governance Vulnerabilities

Combined Session
Thursday, May 12, 2016 14:30—15:30
Location: AMMERSEE I

Recertifications - What's Possible Today, Limitations and the Future Potential for Access Governance

Recertifications are one of the established concepts in IAM today. However, you will rarely find any organization that is really happy with the way recertification works. Recertification initiatives cause a lot of work, friction, and frustration.

However, the biggest challenge of recertification is that it is more than questionable whether it delivers on its target, which is is risk mitigation, concretely access risk mitigation. By running regular recertification campaigns, organizations will identify some risks. However, many risks will be identified just months after excessive entitlements have been granted, after persons have moved their job, etc. Recertification is always late, and sometimes it may be too late.

On the other hand, regulators and auditors, even while they should know better, insist in organizations still performing traditional recertification campaigns. Thus, organizations must solve two challenges:

In the first part of this session, Niels von der Hude will focus on both aspects in his talk and provide guidance on how to really mitigate access risks today, in an efficient and lean manner, while keeping the auditors happy anyway.

Recertifications - What's Possible Today, Limitations and the Future Potential for Access Governance
Presentation deck
Recertifications - What's Possible Today, Limitations and the Future Potential for Access Governance
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Niels von der Hude
Niels von der Hude
Beta Systems Software
Niels is Director Market Development IAM at Beta Systems Software. He is a globally recognized IAM thought leader in the market and a very experienced Manager with balanced business and technical...
Paul Simmonds
Paul Simmonds
KuppingerCole
Paul is Fellow Analyst at KuppingerCole and the CEO of the Global Identity Foundation, as well as a consulting CISO and was previously the Global CISO for AstraZeneca, Global CISO for ICI, Head of...

Beyond Recertification

Very few companies, if any, are satisfied with the outcomes of their recertification efforts, because intelligence on risks come too late to be of real value. In this panel session we will discuss on how to get better and what possible alternative strategies are.  

Frank Böhm
Frank Böhm
FSP
Frank Boehm has been Managing Director at FSP since 2002. He started his professional career 1989 as a consultant for the financial services sector at Accenture and lead international...
Christian Himmer
Christian Himmer
KuppingerCole
Christian Himmer is a Senior Analyst at KuppingerCole. He has more than 20 years of experience in the field of Identity Management in the German banking sector. During this time he has held a...
Niels von der Hude
Niels von der Hude
Beta Systems Software
Niels is Director Market Development IAM at Beta Systems Software. He is a globally recognized IAM thought leader in the market and a very experienced Manager with balanced business and technical...
Andy Land
Andy Land
IBM
Andy Land is a security technology executive who runs worldwide product marketing at IBM Security for the Identity, Application, and Data Security segments. He has a successful background in...
Subscribe for updates
Please provide your email address