Identity & Access Management

As companies are growing, it is more and more difficult to manage end user life cycles. A lack of control exposes the company to several risks.

« In 2019, the global cost of failure or setup errors linked to access rights management is 8,7 billion dollars.»

SOURCE

There are several factors linked to a lack of control of the user life cycle:

  • Users with wide access can accidentally delete or share sensitive data.

  • An employee willing to fraud can do so using SoD failures, corrupting data, steeling data to sell them to competition or expose financial data to harm the company.

  • Hackers try to target user accounts with privileged access to be able to access wide databases, systems, applications and infrastructure. Indeed, the systems contain the most sensitive data for a company (suppliers, clients, patents, etc.)

It is important to avoid providing too wide access to end users. Generally, the target is to limit access to business needs, implementing a thorough SoD process or enhancing dual control.
To guarantee secured user provisioning, it is highly recommended to enforce the User Access Management (UAM) related processes by implementing a tool including automatic provisioning and preventive sanity checks.
The security experts at ArtimIS support their clients with the implementation of identity and user right related processes including appropriate tooling :

Conception and implémentation :

  • Of a proper identity management process,

  • Of a strategy to define a single sign on type of user management to improve end user experience,

  • Of a mutual access request management tool (cross system),

  • Of a process to manage end users with wide access (IT, business, internal audit, …),

  • Of a process to review the access rights that fits external audit requirements – User Access Review (UAR)