Updated: Jul 18, 2020
Everyone in IT knows an acronym called IAM, Identity and Access Management which means, how the company process is designed for proofing that you are who you claim to be and then, giving you permission to access something. IAM process is very technical.
However, the landscape has changed since the cloud services came part of the picture. The simple IAM process is just not enough to manage every identity for companies. Therefore designing Identity Governance will structure and help you to understand, what identities your organisation currently has and how they should be protected. It is like an umbrella with standardised procedures that are easier to budget for the new solution implementation.
FIDO 2 brings a great technology neutral way to secure your cloud accounts and identities and you have also possibility to use it in your internal identity process as well. When considering phishing, it can also precent your cloud accounts being impersonated.
When it comes to accesses the Governance is important, because seldom we work with one provider only. When you have cross cloud solution, where for instance your CRM is running in different cloud than your other services, you have more options to select technology neutral best fit solution for your organisation.
Your organisation have also customers and external consultants, who are working with your provided tools. That is why it is very important to have standardised way to process each request and automated some of the process parts, so that the onboarding process after vetting is shorter.
Each identity and access should be reviewed every now and then. Therefore it is good to design lifecycle what and when will happen. Lifecycle management can be easy for newer systems that already supports time-based lifecycles. Time-based lifecycle helps your organisation to manage situations when the access is not removed by your sub-contractor, even the employee has left, leaving your organisation into a not that nice situation as the identity and accesses are still open. This also helps your organisation to manage the accounts, that are there, but you don't know why and for what they are used for.
In case you wish to know more about the Identity Governance, please do not hesitate to contact! email@example.com (we do have spam and safe links in use in more sophisticated level, than filtering, so our post is going thru a separate sandbox check, before reaching our email