IDENTITY AND ACCESS MANAGEMENT

Management Summary

Compromised user credentials are one of the most important attack vectors for cybercriminals, who use identities gained from other breaches to gain access to corporate systems and data, enabling them to operate behind the scenes for long periods of time. Enterprise security today is being built around identity rather than network barriers.

With cloud services, Bring Your Own Device and the Internet of Things, there is no longer a boundary to protect. Protection now only comes from authenticating every user, device, system, service and program. Our identity has become critical in cybersecurity. Only trusted users with the right credentials should be granted access to the relevant resources. Identity is the new perimeter.

  • 91% of phishing attacks target credentials

  • 70% of data breaches involve stolen or weak credentials

  • 51% of people re-use the same password

Eventually all organisations will move to a zero-trust world. In a zero-trust world, the right people have the right level of access to the right resources in the right context that is assessed continuously, with the least friction possible. Currently 97% of organisations are engaged in zero-trust projects, but only 16% of organisations have an explicit zero-trust strategy.

Identity and Access Management

Identity management, also known as Identity and Access Management (IDAM), is a framework of policies and technologies to ensure that the right users have the appropriate secure access to technology resources. It is a critical part of a modern IT security architecture and the first step on the road to a zero-trust architecture.

The scope of identity and access management is:

  1. Maintain a record of who the users of systems are, including other systems acting as users, and validate that they are who they claim to be.

  2. Maintain a record of permissions to access systems and data, and the basis on which they are held.

  3. Ensure that only validated users have access to systems and data that they have been authorised to have access to.

  4. Maintain a record of those who are responsible for authorising access to specific resources.

  5. Maintain an audit log of identity and access-related events within the organisation.

A well-designed IDAM service will also make it easy for users to access these services securely without having to sign in multiple times, will make onboarding, moves and changes and offboarding users simple across all systems,

How we can help

KITS helps customers to design and structure their work using identity and access management to improve both security and efficiency. The enterprise no longer has to worry about poor quality passwords, password re-use, password resets and compromised credentials. User experience and appropriate security measures are implemented based on the organisation’s infrastructure and environment.

KITS has lots of experience in implementing and managing multi-factor authentication and single sign-on for organisations, for in-house users as well as customers, contractors and suppliers.

Our chosen partner for Identity Management is Okta. Okta’s comprehensive user and customer identity and access management (CIAM) capabilities, combined with workflows, make it easy to manage workforce changes, promotions, the introduction of new applications as well as mergers and acquisitions.

Okta provides a sound foundation for user security and zero-trust IT infrastructure. Okta's service includes:

  • Authentication, including single sign-on and multi-factor

  • Authorisation

  • Universal Directory

  • Lifecycle Management

  • API Access Management for employees, contractors and customers

  • Brand and reputation protection

  • Application & cloud security

  • Endpoint protection

  • Anti-phishing