Security Management Strategies for the CIOAccess "How to use an automated user provisioning system for access control"
This article is part of the November 2010 issue of Meeting cloud computing compliance mandates
When organizations think of access management, single sign-on, login credentials and smart cards come to mind. But before a single username and password is issued or a hard token is handed to an employee, the resources and privileges that he or she will access have already been set up. This action of provisioning a user's access is accomplished through a series of request channels, workflows utilized for approvals, and finally the set up of an account or multiple accounts on the organization's application servers. In the past, this was done through a series of coordinated processes and performed by a pool of local administrators. Today, these same functions are commonly done by an automated user provisioning system. However, despite the use of this technology, access management is still a big problem for many organizations. One issue is that the focus of many of these systems is to provision, or on-board, an individual. But the services of deprovisioning, or off-boarding, accounts as an individual changes responsibilities within the organization or leaves ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
McAfee product strategy needs focus, analysts say
Slew of McAfee product initiatives pique interest of customers but industry analysts say the security giant needs to sharpen its focus.
-
Information security professionals on their pay, certifications
The economy is dragging down pay for information security professionals but not dampening their dedication.
-
McAfee product strategy needs focus, analysts say
-
-
Due diligence processes for cloud computing compliance
Moving IT operations to the cloud requires careful due diligence to maintain compliance with HIPAA, GLBA and other regulations.
-
How to use an automated user provisioning system for access control
by Randall Gamby, Contributor
Re-architect your provisioning system into a first line of defense for access management.
-
Due diligence processes for cloud computing compliance
-
Columns
-
Microsoft security proposal is noble, but no way
To cure the botnet plague, Microsoft wants to quarantine infected consumer PCs until they're remediated.
-
The Application Security Testing Gap
by C. Warren Axelrod
Application security reviews miss a critical vulnerability by not ensuring functional security.
-
Schneier-Ranum Face-Off on the dangers of a software monoculture
Security experts Bruce Schneier and Marcus Ranum debate the impact of a software monoculture on computer security.
-
Microsoft security proposal is noble, but no way
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...