|
(PRIORITIES2008) identity management
Identity Jigsaw
Strong authentication, provisioning and single sign-on are on the table.
Manually managing user accounts has become an unwieldy operation for HealthCare Partners and its 3,500 employees. That's made a user provisioning system a priority for the multispecialty medical group.
"We'd like to be able to automate and save some ongoing costs as well as be more thorough about who's getting access and getting rid of that access when they no longer need it," says Leo Dittemore, director of IS security administration.
HealthCare Partners is among many organizations focusing on identity and access management this year. Forty-two percent of survey respondents say they will spend more time on identity management. Specifically, more than 60 percent say strong authentication is an important priority while nearly 56 percent rated improving user access rights/authorization as important. About 31 percent will evaluate provisioning technologies.
More businesses are waking up to the operational benefits of identity and access management (IAM), having overcome initial skepticism, says Paul Rohmeyer, consultant and assistant professor at the Howe School of Technology Management at Stevens Institute of Technology.
"You're starting to see more organizations trying to move (IAM) efforts forward. There was a period of time when they probably just didn't understand how important it was," he says. "The tools have matured."
SystemExperts CEO Jonathan Gos- sels says regulatory requirements drive much of the interest in IAM: "You need to continually know who has what rights, and when employees leave, you need procedures in place to terminate access."
The push toward strong authentication has been a trend for a quite awhile, Gossels says, and companies are continuing to implement smart cards, tokens, or even newer technologies that track a user's typing rhythm.
When Parsons Behle & Latimer, a Salt Lake City-based law firm with about 250 employees, looked for a way to strengthen authentication for lawyers working remotely, it chose BioPassword. The technology combines users' ID and password with their unique typing rhythm. It was the easiest to use and implement, says Jason Smith, applications administrator. "It's another layer of security," he says.
|
