Gartner IAM Summit - Business Process For Access Governance
Posted on Tue, Nov 10, 2009 @ 12:17 PM
For those of you that are not currently at Gartner IAM Summit in San Diego, it's clear that the emerging trends for IAM is that security needs to become a business-centric process. Much of Earl Perkin's keynote focused on this idea and numerous sessions at the IAM Summit are also hitting on this trend as well. The business is getting frustrated with the IT security organization because the approach for requesting access and applying access policies is inefficient and ineffective.
The current approach for managing access at the application, data or system level is creating so much complexity that IT is not able to keep pace with access change in order to meet their service agreements with the business. The pace of change to access is also creating issues for managing and mitigating business risks associated with providing users access.
A number of customers that we are speaking with at this event are still struggling with the basics of getting the visibility to user access across the enterprise and being able to apply the proper controls while keeping up with change. We are advising them that they need to improve their process for how business users select access and embed governance (business policy controls for access) into the process, providing a preventative access control framework that will simplify the access change management process.