The current state of access management

Thomas Heyman, iMinds-DistriNet, [email protected]

Posted on 19-Jan-2017

Insider attacks

Time to detection: 32 months

Cost (USD): $382,750 and $479,000 (the two values shown on the slide's chart)

“Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector”, CMU SEI

In more than half of the cases, the insider used some form of authorized access.

“Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector”, CMU SEI

Access management

First... some definitions

IAM = IdM + AM (identity and access management = identity management + access management)

Access management

Diagram: access management across two layers, governance and operational. Elements shown: CISO, business policy, employees, application policy, access requests, systematic access reviews.

The hard thing about access management

Diagram: the same governance/operational diagram (CISO, business policy, employees, application policy, access requests, systematic access reviews), with several of the links between its elements annotated “x” or “?”.

Challenges in getting there

1. Prerequisites

Fix your identity management

“Security starts by understanding who your users are and what they have access to.”

John Burnham, IBM Director of Strategic Communications

Create a valid business case

2. Navigating the market

Diagram: IAM as processes and supporting technologies, split into “prevent” and “detect & mitigate”. Elements shown: identity management, authentication, authorization, logging, audit, access management.

Diagram: the product landscape. Categories: IGA (identity governance and administration), security intelligence, privileged access management (PAM), external authorization. Technologies shown: access review, access requests, role mining, SIEM, UBA, PBAC, ABAC.

Diagram: IAM adoption on the technology adoption curve (innovators, early adopters, the chasm, early majority, late majority, laggards), with IGA, external authorization, UBA, PAM and SIEM placed along it, listed in that order on the slide.

3. Rolling it out

Not everyone uses the same vocabulary

Sales dept. vs. HR vs. finance vs. upper management vs. ...

Business policy vs. application policy

This complicates things...

● Translation and refinement are error prone!

● Hampers transparency

Not every application uses the same concepts

Some only have “allowed users”, others only know roles or groups.

This complicates writing an application policy:

● Either users get too many permissions

● Or you end up with clutter in your IDM database

● Hampers transparency

To summarize

Access management is...

● Important, but hard to do right

○ Cross-cuts your organisation

○ Cross-cuts IT

● Lots of point solutions

○ Trim the leaves

○ ...but don’t always tackle the root of the problem

Two enabling technologies for the future

ABAC

● Reduces conceptual gap

● Improves “readability” (and therefore transparency)

● Avoids unnecessary burden on IDM

PBAC

● Makes policy change more flexible

● Enables centralized policy administration (and therefore transparency)

Help with...

● aligning access management with business processes

● accountability and compliance
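The concept gap from “Not every application uses the same concepts” and the ABAC benefits listed above, as an added example that is not part of the original slides: a business rule written as an attribute-based policy next to its refinement into a single static group for an application that only understands groups, showing the over-permission and the extra groups an IDM would have to carry. All users, attributes, group names and the threshold are constructed.

```python
# Added example, not from the original slides: a business policy written as an
# attribute-based (ABAC) rule beside its refinement for an application that
# only knows groups. All names, attributes and the threshold are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    role: str          # business role, e.g. "finance"
    department: str    # business attribute
    groups: frozenset  # all a groups-only application can see

@dataclass(frozen=True)
class Invoice:
    department: str
    amount: int

THRESHOLD = 10_000  # constructed business threshold

def abac_may_approve(user: User, invoice: Invoice) -> bool:
    """Business policy, stated directly: finance staff may approve invoices
    of their own department below the threshold."""
    return (user.role == "finance"
            and user.department == invoice.department
            and invoice.amount < THRESHOLD)

def group_may_approve(user: User, invoice: Invoice) -> bool:
    """Application policy: the rule is refined into one static group."""
    return "invoice-approvers" in user.groups

def over_permissions(users, invoices):
    """Pairs the group refinement allows but the business policy forbids,
    i.e. the 'users get too many permissions' case from the slides."""
    return [(u.name, inv.department, inv.amount) for u in users
            for inv in invoices
            if group_may_approve(u, inv) and not abac_may_approve(u, inv)]

def groups_for_exact_translation(invoices) -> set:
    """Groups an IDM would have to maintain for a groups-only application to
    honour the department condition (the 'clutter in your IDM database' case).
    The amount condition cannot be expressed as group membership at all."""
    return {f"invoice-approvers-{inv.department}" for inv in invoices}

# Constructed sample data
USERS = [User("alice", "finance", "sales", frozenset({"invoice-approvers"})),
         User("bob", "finance", "hr", frozenset({"invoice-approvers"})),
         User("carol", "sales", "sales", frozenset())]
INVOICES = [Invoice("sales", 5_000), Invoice("hr", 25_000), Invoice("hr", 800)]
```

Running `over_permissions(USERS, INVOICES)` lists four decisions the group refinement gets wrong (wrong department or above the threshold), while `groups_for_exact_translation` shows one extra group per department is needed just to recover the department condition.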

The current state of access management

Any further questions?

Contact us: [email protected]

Interested in our events? Subscribe here: http://bit.ly/DistrinetAccessControl