In this blog series we briefly cover seven trends that impact your Identity and Access management strategy. In this part we cover the Increase of the different user types, in particular external users such as customers and suppliers and why it’s so important that you take up these identities within your IAM strategy.
We all know the importance of identity and access management within an organization and that it’s your first line of defence against cyber-crime. You simply need to know who has access to what and why within your company, so you can make sure that these employees don’t have to many access rights than they require to do their job. The simple principle of least privilege (PoLP) as it’s called.
Next to that, you want to be able to enforce security policies and apply segregation of duties so that you can be compliant with all the rules and regulations that your company is subject to, and be able to prove it to the regulators if need be. At most companies this only applies to the employees and service accounts used within the IT environment, however these identities are not the only ones connecting to your network.
What about your online shoppers that have an account with you? They no longer just connect through a web application as companies often offer a multi-channel experience including mobile applications or even partner applications to improve the personalized customer experience. Next to a great user experience, customers also want their data to be safe with their favorite brand.
According to the PwC’s “Experience is everything; Here’s how to get it right” report, 32% of customers will leave their favorite brand after just one bad experience. A bad customer experience is not even the worst thing that can happen. What will happen to your customer base after a data breach where credit card details were stolen for example? According to the 2019 Ping Identity Report, 81% of customers would stop engaging with their favorite brand online and one in four would stop all interactions with the brand. CIAM is a good way to cover the identities of your customers, it offers more customer orientated attributes and is focussed on customer experience and can help organizations to build customer trust. Ping identity is one of the tools that offers a CIAM solution that focusses on customer experience and security.
Besides customers at the front end of your organization you also have suppliers and vendors at the back-end that have access to your network. Especially in the case of outsourcing, for example your IT support or third party cloud services. As you’ve seen in our previous blog, most companies have moved from a private cloud environment to an external cloud provider or they run a multi cloud strategy where both solutions are in play.
This means that the cloud provider also has access to your environment and with that your data. In order to make sure that you know who has access to what and why, you need to be able to manage these vendor identities that have access to your infrastructure. In the case of a cloud provider it is best to set up PAM Privileged access management as they might have access to highly critical applications, data bases and servers.
Using One Identity’s SafeGuard for PAM is a great solution to handle this. It uses a secure physical appliance that is installed in the data centre (recently there is also a virtual appliance available). This appliance acts as a vault holding the privileged accounts that give your suppliers’ administrators access to the systems they have to manage. This vault will give them temporary random login credentials to log in when they request it. After that it will revoke the credentials when the work is finished.
Making sure that administrators don’t have their own passwords on these critical systems. Furthermore, it also monitors and records the admin sessions giving you full insight in the work that has been done on your systems so you can be more in control and you can prove it.