Posted on Tue, Oct 20, 2009 @ 01:14 PM
Two weeks ago Aveksa participated in a panel discussion at the ISSE event in the Netherlands on Identity & Access Management trends coming out of a recent KPMG/Everett survey report.
Infosecurity Magazine article on Identity & Access Management investment priorities
We were quoted in InfoSecurity Magazine's coverage of the event in an article regarding market drivers for investing in Identity and Access Management projects. While it's clear that access compliance is still a major issue for organizations, we are seeing a trend towards leverage an investment in access governance technologies for more than just complying with regulations. Forward thinking organizations are quick to realize that most of their access governance failures are back-end issues created by a front-end access control problem.
Specifically this problem relates to how access change requests are managed within the organization. By leveraging a role-based access change management framework, organizations have a preventative control that ensures the appropriateness of access for all users at every change point. This approach simplifies the process for how access is requested by the business (the context of using business roles), streamlines how is delivered to business (accounts, groups, entitlements and technical roles are now mapped to business roles, which makes it easier for IT to fulfill access) and ensures that access controls have been applied (rules are used to design roles and rules that can be run at the point of request for entitlements outside of the role).
For many organizations, simplifying how user access is delivered to the business and how it is governed across the enterprise is now getting investment priority over many other IAM projects because this project can delivery business value quickly while reducing IT security overhead and organizational burden associated with compliance.