Identity and access management (IAM) is increasingly being deployed within organizations across multiple sectors as they recognize that a progressive approach to IAM is crucial for their companies. Though not yet mature, the IAM market continues to grow because of a number of influences and developments. Some of the developments include, among others, cloud computing, web solutions, information governance and BYOD.
To better understand how the market in moving toward IAM, let’s take a look at some of the developments and their impacts.
Moving to and using the cloud
On-premise solutions are being used less and less. Where hardware and applications were previously used in abundance and managed internally, solutions are now being moved to the cloud with an increasing amount of frequency. A main advantage of moving to the cloud is that this strategy allows organizations to make the work of their employees more flexible and allows them to work wherever they are located and to be far less dependent on local servers and other hardware. Therefore, as long as an Internet connection is available, staff can gain access to their applications and to their work.
Also, cloud applications impose far fewer demands on the equipment on which the work is done. What this means specifically is that these solutions grant employees more opportunity to work more freely from any device, be it a laptop, tablet or smartphone, as well as a desktop computer.
However, the cloud has little benefit for making the management of identity and access management solutions easier, unfortunately. Where tight integration arrangements within a network were the norm, the required collaboration with multiple cloud suppliers -- which all have their own standards -- means processes can becomes more difficult to manage in some cases. Stated another way, cloud applications have their own password policies, which means traditional LDAP authentication with the Active Directory becomes considerably more complex in it set up. Automatic management of user accounts and rights within the application also is increasingly more difficult. Finally, in addition, existing on-premises APIs no longer work over the Internet, which requires the functional application manager to operate with a manual user management interface.
WebSSO (single sign-on)
With the growing use of cloud solutions, employees continue to have difficulty keeping track of their account credentials; this is not a new problem, but one that seems to have exacerbated recently. An often attempted solution to this problem is to offer staff and employees a portal where direct links to the various URLs for the web applications are clustered. Employees then only need to remember one URL, which is that of their own portal. The problem is, though, employees still need to remember a number of usernames and passwords once they’ve access this one URL because the applications hosted within it still need to be accessed.
A simple fix to this problem is one many are beginning to realize -- organizations can deploy WebSSO. With single sign-on (SSO), end-users only have to authenticate themselves once, entering a username and password from the Active Directory. WebSSO then takes over the log in processes, allowing users to not have to enter log in details again when wanting to open an additional application. With this approach, a user only needs to be authenticated once when entering the portal and the single sign-on software takes over the login processes for the cloud applications. This process is not only more user friendly, but also is more secure as it reduces the need for end users to write down credentials down or store them improperly to remember them.
Identity and access governance
Strict regulation in a variety of industries and across multiple sectors is helping make the use of IAM solutions more prevalent. Organizations must comply with audits or information requests, so many leaders require that their organizations clean up their information stores and in so doing, they put any rights pollution under the microscope. Since rights are often issued on the basis of copy-user or template users, pollution can easily creep in during the initial granting of rights. Manually charting the rights granted is highly complicated and time-consuming. In many instances continually managing the rights structure is simply not feasible.
Therefore, by using identity and access governance, organizations are able to easily ensure that employees only have the access to the network resources required to perform their duties. In the past, identity and access governance was largely the domain of financial institutions and major international concerns. Because of regulation and the increased need for the protection of data, governance of information is becoming more prevalent to a variety of institutions, including those in healthcare, small to enterprise companies and other commercial operations.
Broad access to information systems
Another recent development affecting the expansion of IAM solutions throughout enterprise is the increasing need to make information widely available to many parties. Growing numbers of people want or need access to information and information systems. For example, local authorities and municipalities now allow the public regular access to their information systems to access certain data points or records. Within healthcare sector, patients require the ability to view their own medical details through secure portals and web-based sites.
Organizations are taking the initial steps and alongside their Active Directory are building up an LDAP store to enable broader access to information systems. This means that in addition to staff, external parties must also be provisioned and made known within the network. A user ID is needed and people must authenticate themselves to gain access to the information systems. With identity and access management it is possible to automate the provisioning and authentication process to reduce the overwhelming amount of manual tasks the IT department needs to perform.
Overall, the IAM market is hot continues to grow, evolving to meet the needs of organizations and the changes that they are making within their companies to operate more efficiently and change with the changing times.
For more information, please visit our website at www.tools4ever.com.
Friday, February 20, 2015
Friday, February 13, 2015
Reducing Menial IT Tasks through Automation and Provisioning
There are many identity and access management solutions out on the market that claim to have all sorts of magical benefits for the organizations they serve. If your firm is not having any major IAM issues, though, you may be wondering, “Does my organization really need any of these solutions?”
The truth is that you may believe that your systems are secure, that you have given your employees all the tools to be efficient and that accounts are being provisioned effectively for your employees. But, if you take a closer look at these processes, you may see that there is much room for improvement.
Although there might not be a major issue that needs to be solved, an IAM solution can save your organization significant time and money and easily help meet audit requirements. The following are just a few of the processes that can be drastically improved by an IAM solution.
Efficiently provisioning accounts
Accounts seem to be getting provisioned by your system admins in a timely manner, so why would you need any type of solution in place? If you begin to add up the time spent on this task, though, especially for large organizations, the process of provisioning accounts can be daunting and result in many errors.
Often, new employees do not even have their network accounts correctly provisioned their first day of employment and have to wait several days to have their appropriate access set up. These are wasted dollars for your organization, as the employees wait unproductively. In addition, provisioning accounts is a menial task that takes up a considerable amount of time of advanced IT employees or even requires the organization to have a full-time employee just to perform this task.
A case example of this was Lifestyle Hearing. The organization spent a great deal of time ensuring that employees had accounts properly created. Franco Butera, IT director, said, “This task took about half an hour for IT to complete, and that was only if we had all the correct information from the beginning. If not, we had to track down the employees in an attempt to get the information, and wait for a response that could take up to an hour or more.”
The organization implemented an automated account management solution that allows human resources to have controlled access through a Web-based form. They can now easily create accounts by entering the employee’s information, defining their profiles and which systems they need to access. Lifestyle Hearing previously had a four- to five-day window for account creation, but using an account management solution, employees are now able to have their accounts created right away and start working the same day they are hired.
Easily securing the network
Your organization may have taken many precautions, and you believe that your network is safe as it can be. However, take a walk past your employees’ desks and see the Post-its they have scattered around with their credentials written on them, or do a little searching and find a paper with a list of their credentials in their desk drawer, often with detailed login instructions. This is not only an annoyance for your employees, but also a major security risk.
This was the issue that Needham Bank was having. End users at the bank needed access to several different systems and applications to properly assist customers. “End users became frustrated at the number of disparate passwords they had, and the frequency they would have to enter the user names and passwords,” said James Gordon, first vice president of information technology at Needham Bank. The organization implemented a single sign-on solution that allows employees to log in with a single user name and password, and thereafter gain access to all systems and applications for which they have authorization, drastically reducing the login time.
With a single set of credentials, employees no longer have to write down their passwords to remember them, which resulted in greatly improved security.
Greater productivity — efficiently reset passwords
You may not think much about when your employees need their password reset, but this is actually the single most common call that employees make to the help desk. Though this is an easy task to manage, it is time consuming for both the help desk and the end user. In addition, this is a major problem for employees who work outside the times of the help desk. If end users work nights, weekends or even in a different time zone and are locked out of their account and unable to contact the help desk to reset their password, this leaves them unable to access their applications or system until the help desk receives and processes the request, leaving them unproductive.
National Geographic experienced this issue. Nat Geo’s employees need to access several cloud applications, including Google Apps, with different credentials for each to perform their jobs. This became an issue when employees had difficulty logging in because they forgot their passwords and were unable to contact the help desk as they are located in different time zones around the world, outside of the business hours of the help desk.
With a self-service reset password solution employees simply answer predefined security questions and are able to reset their passwords, even in the middle of the night, without contacting the help desk. This allows them to quickly resolve their password issues and continue with their work.
Overall, though your company might not be having a major IAM issue that needs quick attention, there are many IAM solutions that can greatly improve upon the processes that your organization has in place. No matter how big or small, or what industry your company is in, it is beneficial to at least take a look at how an IAM solution can help improve your organization.
For more information, please visit our website at www.tools4ever.com.
The truth is that you may believe that your systems are secure, that you have given your employees all the tools to be efficient and that accounts are being provisioned effectively for your employees. But, if you take a closer look at these processes, you may see that there is much room for improvement.
Although there might not be a major issue that needs to be solved, an IAM solution can save your organization significant time and money and easily help meet audit requirements. The following are just a few of the processes that can be drastically improved by an IAM solution.
Efficiently provisioning accounts
Accounts seem to be getting provisioned by your system admins in a timely manner, so why would you need any type of solution in place? If you begin to add up the time spent on this task, though, especially for large organizations, the process of provisioning accounts can be daunting and result in many errors.
Often, new employees do not even have their network accounts correctly provisioned their first day of employment and have to wait several days to have their appropriate access set up. These are wasted dollars for your organization, as the employees wait unproductively. In addition, provisioning accounts is a menial task that takes up a considerable amount of time of advanced IT employees or even requires the organization to have a full-time employee just to perform this task.
A case example of this was Lifestyle Hearing. The organization spent a great deal of time ensuring that employees had accounts properly created. Franco Butera, IT director, said, “This task took about half an hour for IT to complete, and that was only if we had all the correct information from the beginning. If not, we had to track down the employees in an attempt to get the information, and wait for a response that could take up to an hour or more.”
The organization implemented an automated account management solution that allows human resources to have controlled access through a Web-based form. They can now easily create accounts by entering the employee’s information, defining their profiles and which systems they need to access. Lifestyle Hearing previously had a four- to five-day window for account creation, but using an account management solution, employees are now able to have their accounts created right away and start working the same day they are hired.
Easily securing the network
Your organization may have taken many precautions, and you believe that your network is safe as it can be. However, take a walk past your employees’ desks and see the Post-its they have scattered around with their credentials written on them, or do a little searching and find a paper with a list of their credentials in their desk drawer, often with detailed login instructions. This is not only an annoyance for your employees, but also a major security risk.
This was the issue that Needham Bank was having. End users at the bank needed access to several different systems and applications to properly assist customers. “End users became frustrated at the number of disparate passwords they had, and the frequency they would have to enter the user names and passwords,” said James Gordon, first vice president of information technology at Needham Bank. The organization implemented a single sign-on solution that allows employees to log in with a single user name and password, and thereafter gain access to all systems and applications for which they have authorization, drastically reducing the login time.
With a single set of credentials, employees no longer have to write down their passwords to remember them, which resulted in greatly improved security.
Greater productivity — efficiently reset passwords
You may not think much about when your employees need their password reset, but this is actually the single most common call that employees make to the help desk. Though this is an easy task to manage, it is time consuming for both the help desk and the end user. In addition, this is a major problem for employees who work outside the times of the help desk. If end users work nights, weekends or even in a different time zone and are locked out of their account and unable to contact the help desk to reset their password, this leaves them unable to access their applications or system until the help desk receives and processes the request, leaving them unproductive.
National Geographic experienced this issue. Nat Geo’s employees need to access several cloud applications, including Google Apps, with different credentials for each to perform their jobs. This became an issue when employees had difficulty logging in because they forgot their passwords and were unable to contact the help desk as they are located in different time zones around the world, outside of the business hours of the help desk.
With a self-service reset password solution employees simply answer predefined security questions and are able to reset their passwords, even in the middle of the night, without contacting the help desk. This allows them to quickly resolve their password issues and continue with their work.
Overall, though your company might not be having a major IAM issue that needs quick attention, there are many IAM solutions that can greatly improve upon the processes that your organization has in place. No matter how big or small, or what industry your company is in, it is beneficial to at least take a look at how an IAM solution can help improve your organization.
For more information, please visit our website at www.tools4ever.com.
Friday, February 6, 2015
Mobility and the Cloud: No new trend but an ever-evolving issue
The trend that’s continuing to surge for workforce employees is mobile, on-the-go work and work from home despite some pull back from large organizations, like Yahoo! In the last six years telework grew a staggering 73 percent . In addition, one of four U.S. employees works remotely at least some of the time. These statistics don’t include all of the people who travel regularly and work remotely because of this.
Though working remotely has many benefits or organization and their employees, the cloud and mobility can bring about issues for both the organization’s IT department and the end user. Richard Branson, founder of Virgin Group, was recently quoted making the bold statement that “one day offices will be a thing of the past.” Until then, though, some of the issues with working remotely need to be ironed out.
Managing Accounts for Remote Employees
Correctly provisioning accounts for hundreds or thousands of users who are not physically working within the walls of an organization can be a major headache, and also can be an issue for the end user as employees need access to their accounts quickly and correctly provisioned so that they can begin their work and have access to the systems and applications that they need. In addition, ensuring that employees who are no longer with the company are correctly de-provisioned also needs to be done properly. A disgruntled employee who has access to the organization’s network can cause a great deal of havoc to its data.
Losing Track of Who Has Access to What
Amidst all of the account provisioning, granting access and revoking access to the many cloud applications, organizational IT leaders can easily lose track of exactly who has access to what. This can become not only a security issue, but also a problem for licensing costs since the organizations does not know exactly how many licenses they need to be buying. In addition, this can be a problem when needing to audit systems since it is difficult for the organization to show and document who has access to secure data.
Dealing with Password Issues
Like employees working onsite, those working remotely tend to have difficultly remembering their credentials for the many different cloud applications they need to access. This is especially true for employees who are on the go, and contacting the IT department can be a major hassle. Needing to contact the helpdesk to have a password reset while working remotely is not only a huge annoyance for the end user, but also for the IT department since it tends to receive copious amounts of these types of calls.
So how can all of this be solved? Several leading organizations have chosen to use identity and access management solutions for resolving most of these issues. An automated account management solution can allow the IT department at any organization to easily complete a form, check the boxes for which systems accounts need to be created in and accounts are automatically provisioned. This task can even be delegated to less technical staff if needed, such as help desk employees.
When employee accounts need to be disabled, help desk employees can easily de-provision users without manually going into each system and application. Additionally, the accounts also can be placed into a different category, where they have limited access to systems, but can still utilize other aspects of the accounts.
To keep track of exactly who has access to what, a centralized dashboard can be used to provide an overview of which users are deployed in each cloud application. This allows the organization to know exactly who has access to what, and how many licenses they need for each cloud application.
To help with password issues, single sign-on solutions work well with cloud applications. This allows users to login in once with a single set of credentials and thereafter gain access to all other applications they are authorized for. If a password does need to be reset, a self-service password reset software is another type of solution that can be helpful to remote employees. This type of solution allows end users to reset their own passwords without having to contact the help desk. Employees and students can answer security questions that they have previously provided answers to, and quickly reset their passwords.
With all or some of these solutions, organizations are able to provide a better experience to their users who are working remotely, and allow them to work more efficiently wherever they are.
For more information, please visit our website - www.tools4ever.com.
Though working remotely has many benefits or organization and their employees, the cloud and mobility can bring about issues for both the organization’s IT department and the end user. Richard Branson, founder of Virgin Group, was recently quoted making the bold statement that “one day offices will be a thing of the past.” Until then, though, some of the issues with working remotely need to be ironed out.
Managing Accounts for Remote Employees
Correctly provisioning accounts for hundreds or thousands of users who are not physically working within the walls of an organization can be a major headache, and also can be an issue for the end user as employees need access to their accounts quickly and correctly provisioned so that they can begin their work and have access to the systems and applications that they need. In addition, ensuring that employees who are no longer with the company are correctly de-provisioned also needs to be done properly. A disgruntled employee who has access to the organization’s network can cause a great deal of havoc to its data.
Losing Track of Who Has Access to What
Amidst all of the account provisioning, granting access and revoking access to the many cloud applications, organizational IT leaders can easily lose track of exactly who has access to what. This can become not only a security issue, but also a problem for licensing costs since the organizations does not know exactly how many licenses they need to be buying. In addition, this can be a problem when needing to audit systems since it is difficult for the organization to show and document who has access to secure data.
Dealing with Password Issues
Like employees working onsite, those working remotely tend to have difficultly remembering their credentials for the many different cloud applications they need to access. This is especially true for employees who are on the go, and contacting the IT department can be a major hassle. Needing to contact the helpdesk to have a password reset while working remotely is not only a huge annoyance for the end user, but also for the IT department since it tends to receive copious amounts of these types of calls.
So how can all of this be solved? Several leading organizations have chosen to use identity and access management solutions for resolving most of these issues. An automated account management solution can allow the IT department at any organization to easily complete a form, check the boxes for which systems accounts need to be created in and accounts are automatically provisioned. This task can even be delegated to less technical staff if needed, such as help desk employees.
When employee accounts need to be disabled, help desk employees can easily de-provision users without manually going into each system and application. Additionally, the accounts also can be placed into a different category, where they have limited access to systems, but can still utilize other aspects of the accounts.
To keep track of exactly who has access to what, a centralized dashboard can be used to provide an overview of which users are deployed in each cloud application. This allows the organization to know exactly who has access to what, and how many licenses they need for each cloud application.
To help with password issues, single sign-on solutions work well with cloud applications. This allows users to login in once with a single set of credentials and thereafter gain access to all other applications they are authorized for. If a password does need to be reset, a self-service password reset software is another type of solution that can be helpful to remote employees. This type of solution allows end users to reset their own passwords without having to contact the help desk. Employees and students can answer security questions that they have previously provided answers to, and quickly reset their passwords.
With all or some of these solutions, organizations are able to provide a better experience to their users who are working remotely, and allow them to work more efficiently wherever they are.
For more information, please visit our website - www.tools4ever.com.
Subscribe to:
Posts (Atom)