5 Easy Steps to Simplify IAM
By Priyanka Akhouri
Mumbai, May 5, 2008

Businesses have been moving in the direction of increased connectivity, looking for ways to become more efficient and offer better services to their users. Thus, the need for data protection has taken the spotlight among enterprises. IAM enables enterprises to overcome the security challenges faced by them while accessing critical information. IAM broadly refers to the administration of individual identities within a system, such as a company, a network, or even a country.

IAM solutions are maturing but remain complicated. Implementation of IAM solutions is always a big challenge for the enterprises, the best way to implement an IAM solution is to go in phases.

Outlined below are 5 ways in which organizations can simplify IAM

1. Use comprehensive Integrated Solutions

In the search for efficiency and effectiveness, organizations are looking for a complete solution in a single system, rather than implementing and combining multiple systems. They seek integrated solutions that provide a mix of authentication devices, applications, and management tools to meet their current and perceived future needs, and that fit well into existing IT infrastructures.

According to Satish Kumar Dwibhashi, manager (client solutions group) at SecureSynergy, CIOs should understand the tolerance for risk when introducing new technology into the company and when changing business processes. "Implementing a component that has a quick impact on the enterprise that is typically achievable in 90 days is an excellent way to become familiar with the vendor, as well as to start instilling a new corporate culture around IAM," he added.

2. Authentication and Authorization of Systems

This includes authentication management and session management. The authentication module provides the initial access to a system once a user gives the required credentials.

According to Joe Gare, solutions architect/ compliance specialist (APAC/ Japan) of Quest Software, "By streamlining password management through active directory-based self serve capabilities, which can also be extended to Unix and Linux systems, organizations can securely manage appropriate access to business resources for employees, customers, partners and suppliers."

Harshal Pendse, director, (technology initiatives) of Oracle India said, "The authorization module checks if a user has got the permission to access a particular resource in the system and this is verified against an authorization policy. Authorization implements role-based access control."

3. Ensures User Management

User management module defines the set of administrative functions such as identity creation, propagation, and maintenance of user identity and privileges. One of its components is user life cycle management that enables an enterprise to manage the lifespan of a user account, from the initial stage of allocation to the final stage of de-allocation. "By reducing the sign on feature IAM allows Unix, Linux, and Java systems to participate in the same "trusted realm" as Windows users and computers," added Gare.

4. Adopting Compliance Acts for Fraud Prevention

"Rapid growth in online commerce has brought increasing sophistication of Internet fraud. Threats from phishing, pharming, trojans, key logging, and proxy attacks, combined with regulations and mandates (such as HIPAA, PCI, etc.) governing online data privacy, place online security at a premium," stated Pendse. Customers must feel protected for online business channels to grow. To minimize these threats, organizations should take into consideration compliance acts, which provide superior protection for businesses and their customers from real-time fraud prevention.

5. Greater Value from a Single Device

The desire for maximum ROI means organizations are increasingly seeking solutions that offer multiple combined capabilities in a single device. To meet this requirement, organizations should look for opportunities where the project can improve and streamline the overall business process.

According to Gartner, the biggest benefits to be gained from an IAM implementation is when the IAM project is viewed as a business process change project rather than a technology.


Related Links:

Secure Critical Information with IAM
Cosmos Cooperative Bank to Deploy IAM Solns