News & Commentary

10:25 AM
Chris Sullivan, Courion Corporation
Chris Sullivan, Courion Corporation
Commentary
50%
50%

It Takes Intelligence to Close the Identity and Access Management Gap

Banks have been the Holy Grail for hackers, thieves and disgruntled ex-employees for centuries. Yet somehow, the security burden keeps growing.

The challenge for banks has always been ensuring the right people have the right access to the right resources and do the right things with them -- this is identity and access management (IAM). The first wave of solutions in the early 2000s automated provisioning with a focus on efficiency. Organizations could on-board new employees more quickly while using fewer IT staff to do it. The second wave of solutions focused on governance, helping organizations meet increasing regulatory pressure. Still, breaches kept climbing exponentially.

The IAM Security Gap

The remaining problem is a disturbing phenomenon at the heart of every institution’s information security program: The "IAM gap."

Consider this: Actions such as on-boarding a new customer or employee, promoting a staff member, terminating a contractor, merging companies or departments, or delivering a new product all require changes in identities and access to sensitive information. How do you keep up with the constant changes?

Well, traditional IAM solutions address only part of the problem. User provisioning puts controls in place to ensure users are given only the access rights they need to do their jobs. Later – say, every three, six, nine, 12 months – organizations perform periodic reviews or certifications to validate that those access rights are in line with policy.

But here’s the problem: traditional IAM solutions don’t address the constant changes in identities, access and information stores -- billions of access relationships in most organizations -- that take place in the months between provisioning and validation. What you end up with is a huge gap that leaves an institution’s sensitive company information at risk to internal and external threats

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology Oct. 14, 2014
Bank Systems & Technology's new Must Reads is a compendium of our best recent coverage of customer analytics. Learn what big data means for banks, meet Wells Fargo CDO Charles Thomas, find out how to connect with your Gen Y customers, and more.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.