This article can also be found in the Premium Editorial Download "Information Security magazine: Nine tips to guarding your intellectual property."
Implementing and managing access control can be a nightmare, especially in extended enterprises encompassing partners, suppliers, contractors and remote users. Regulatory requirements and fear of being the next data breach headline increase the pressure.
The challenge is as complex as it gets. What permissions does each user actually need? How do you keep track of authorized and unauthorized access? How do you enforce access policies across heterogeneous systems and applications? And how do you make sure that provisioning procedures are administered uniformly across the enterprise?
Trying to keep up manually is inefficient, costly and error-prone. Too much access leaves you open to insider abuse, as well as to hackers who have their pick of unused or poorly managed accounts that have direct access to company assets. And your auditors probably won't like what they see.
But identity management products, designed to unify and automate this complex task, do not roll out easily or cheaply. They must somehow integrate the diverse components that make up an enterprise's often heterogeneous identity and access management (IAM) environment. "Identity management" is a somewhat loaded term that covers a smorgasbord of components, including authoritative sources, identity repositories, virtual or meta-directories, database integration components, access control policy enforcers and more.
Almost everyone acknowledges that a finely developed role-based access control
However, real-world implementations are hamstrung by an often poor understanding of what RBAC is, and a lack of standardization that spawns proprietary solutions that are costly and difficult to integrate, maintain and scale.
We'll talk about these issues and examine the standards that are being developed to overcome them.
This was first published in May 2007