Weitere ähnliche Inhalte Ähnlich wie Achieving Effective Identity and Access Governance (20) Mehr von Enterprise Management Associates (20) Kürzlich hochgeladen (20) Achieving Effective Identity and Access Governance1. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Steve Brasen
Research Director – Endpoint and Identity Management
Enterprise Management Associates
Achieving Effective Identity and
Access Governance
2. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Watch the On-Demand Webinar
Slide 2
• Achieving Effective Identity and Access Governance On-
Demand webinar is available here:
http://info.enterprisemanagement.com/achieving-effective-identity-
and-access-governance-webinar-ws
• Check out upcoming webinars from EMA here:
http://www.enterprisemanagement.com/freeResearch
3. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Featured Speaker
Steve Brasen, Research Director, EMA
Steve's career at EMA follows 20+ years of “in the trenches”
experience in IT systems support, engineering, and management for
high technology, telecommunications, and financial
institutions. Steve's primary focus area at EMA is on endpoint
management topics, including enterprise mobile management, client
lifecycle management, desktop virtualization, and workspace
management.
4. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Logistics
Slide 4 © 2019 Enterprise Management Associates, Inc.
An archived version of the event recording will be available at
www.enterprisemanagement.com
• Log questions in the chat panel located on the lower left-
hand corner of your screen
• Questions will be addressed during the Q&A session of
the event
QUESTIONS
EVENT RECORDING
5. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Steve Brasen
Research Director – Endpoint and Identity Management
Enterprise Management Associates
Achieving Effective Identity and
Access Governance
6. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Sponsored by:
Slide 6 © 2019 Enterprise Management Associates, Inc.
7. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Agenda
Slide 7 © 2019 Enterprise Management Associates, Inc.
• Understanding Identity and Access
Governance
• Research and Methodology
• Business Requirements and
Challenges for Identity and Access
Governance
• Effective Governance Policies,
Processes, and Audits
• Achieving Business Goals for Identity
and Access Governance
• Conclusions
8. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Understanding Identity and Access Governance
The first line of defense in enterprise security
is identity and access management (IAM)
• Identity management positively determines
who is requesting access
• Access management controls the resources
identified that users have access to and the
ways in which they can use them
Slide 8 © 2019 Enterprise Management Associates, Inc.
Identity and access governance processes
orchestrate the policy-based controls that enable
organizations to meet enterprise IT security and
compliance initiatives.
• Defines the policies enforced by IAM controls
9. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Understanding Identity and Access Governance
Key elements of identity and
access governance include:
Policy Development
Policy Enforcement
Policy Review
Auditing
User and Group Administration
Identity Intelligence
Privileged Access Management
Slide 9 © 2019 Enterprise Management Associates, Inc.
10. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Research and Methodology
EMA conducted primary, survey-based research to identify optimal
approaches to identity and access governance
Slide 10 © 2019 Enterprise Management Associates, Inc.
Survey Demographics
• 206 respondents
• All respondents were from North America
• Respondents were IT and security
managers knowledgeable about their
organization’s identity and access
management requirements and solutions
• Respondents were from a wide range of
industry verticals and horizontals
11. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements and Challenges
Identity and access governance
is considered an essential
practice by the majority of
businesses
Slide 11 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating how important identity
and access governance is to their organization
12. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements and Challenges
While most organizations deliver IT services directly to their
employees, many also extend access to users outside their business
Slide 12 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating the types of users who access enterprise IT resources
13. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements and Challenges
Governance practices are also encumbered by the diversity of
resources accessed by supported users
Slide 13 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating types of hosted IT resources that require
identity and access controls governed by their organization
14. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements and Challenges
85% of survey respondents indicated that users in their organization
violated business IAM policies in the preceding 12 months
Slide 14 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating consequences that occurred due to a violation of their
organization’s identity and access management policies
15. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Governance Policies, Processes, and Audits
The practices managed by a governance board can vary greatly
depending on the type of business and required level of security.
Slide 15 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating processes that are actively overseen by a governance body in their organization
16. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Governance Policies, Processes, and Audits
There is a direct correlation between the frequency of audits
and an organization’s ability to detect policy violations.
Slide 16 © 2019 Enterprise Management Associates, Inc.
Percentage of users in respondent’s organization who were detected violating identity and access policies in the last year
(segmented by the average frequency of audits)
17. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Governance Policies, Processes, and Audits
The effort necessary to perform frequent governance audits is
directly attributable to the number and complexity of audit tasks.
Slide 17 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating the processes included in formal identity and access governance audits
18. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Achieving Business Goals for Governance
Identity and access governance platforms provide a wide range
of features for automating and managing processes across the
breadth of governance requirements.
Slide 18 © 2019 Enterprise Management Associates, Inc.
Percentage of respondents indicating the most important features of an identity and access governance platform
19. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Achieving Business Goals for Governance
The value achieved from adopting an identity and access
governance platform is quantified by reviewing the level of
difficulty in performing specific tasks
Slide 19 © 2019 Enterprise Management Associates, Inc.
Comparing platform adopters to non-adopters on the LEVEL OF DIFFICULTY in performing identity and access governance tasks
20. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Achieving Business Goals for Governance
Difficult tasks are not necessarily time-consuming (and vice versa),
but the amount of time spent performing tasks is also affected by the
adoption of a governance platform
Slide 20 © 2019 Enterprise Management Associates, Inc.
Comparing platform adopters to non-adopters on HOW TIME-CONSUMING it is to perform identity and access governance tasks
21. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Achieving Business Goals for Governance
The financial cost of performing governance tasks was also
determined to be broadly mitigated by the adoption of
governance platforms
Slide 21 © 2019 Enterprise Management Associates, Inc.
Comparing platform adopters to non-adopters on HOW FINANCIALLY COSTLY it is to perform identity and access governance tasks
22. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Conclusions
Effective identity and access governance
requires the establishment of holistic visibility
across their entire IT ecosystem
Audit and reporting processes must be
performed at least once every month to close
potential risks and ensure existing policies
accurately reflect business requirements
An automated identity and access governance
platform is essential to easily and cost-
effectively achieving continuous compliance
and risk mitigation
Slide 22 © 2019 Enterprise Management Associates, Inc.
23. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Questions?
Slide 23 © 2019 Enterprise Management Associates, Inc.
Get the full report at http://bit.ly/2WFvFKc