With organizations increasingly focusing on access governance (as they should!), it would be foolish to underestimate the importance of Identity Management. Data on the what, why and when of information access must be complemented by the knowledge of who accesses data—in other words, the identity of the person accessing data. Identity management refers to the process of creating and implementing policies that define roles for every member of the organization (employees and vendors), and their associated privileges and access rights. The level of access that a user enjoys to applications, data, and different parts of the network,are defined by his role and responsibilities, and what he needs to perform his job.
An identity management system helps to automate provisioning, re-provisioning and de-provisioning of users as well, reducing time and effort spent, as well as human error.
Identity management is more than simply governing user access rights. It includes: a) defining enterprise-wide access policies; b) designing reporting mechanisms; c) defining rules-based alerts for when there is an unusual request or when a user tries to access information outside the scope of his role; and d)the regular monitoring of role assignments and changes (when employees move out of the organization, a particular role, or to a different function, and their identity within the organization changes accordingly).
Finally, remember that just like any other aspect of security, identity management too is an on-going, iterative process that does not end with the implementation of a solution.
ABOUT HAPPIEST MINDS
Happiest Minds enables Digital Transformation for enterprises and technology providers by delivering seamless customer experience, business efficiency and actionable insights through an integrated set of disruptive technologies: big data analytics, internet of things, mobility, cloud, security, unified communications, etc...