Because implementing a Web access control product like SiteMinder often means fewer privileges, not more, you should also make sure that the helpdesk is aware of this change and there are clearly documented processes for users requesting access to intranet sites. You may be able to create dynamic roles based on LDAP attributes, but you should be prepared for the eventuality of users losing access to an online resource needed for their work. If he or she is aware and well-trained on how the system works, the resource owner should be able to work with the SiteMinder administrators to implement the proper controls in a timely manner.
For more information:
Dig Deeper on Security Awareness Training and Internal Threats-Information
Related Q&A from David Griffeth
Are users at your enterprise creating weak passwords that could potentially lead to serious data breaches? In this identity and access management ... Continue Reading
Virtualization is a technology that's taking off, but how can information security professionals know how it will interact with their existing ... Continue Reading
Periodic access reviews for enterprise identity and access management (IAM) can help ensure the necessary personnel have access to essential systems ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.