SlideShare a Scribd company logo

How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA)

Core Security
Core Security

Identity Governance and Administration solutions are more than the newest security buzzword, they are integral solutions that work with your Identity and Access Management solutions to keep your network safe. In this webinar, our product solutions team will talk about, and explain how to solve, the three biggest struggles they see with IGA programs such as: - Dealing with Third Party Contractors - Struggling with finding time to do more reviews - Keeping up with compounding access

Software
1 of 11
Download to read offline
Identity Governance and Administration (IGA) What are the top problems?
What are the Top 3 Problems in IGA? 1. Visibility into access o Do you really have the right access? How has an employee’s access changed over their lifecyle within the organization? Typically, the longer you’re here, the more access you accumulate. 2. Third Party User Management: o It’s the Wild West when it comes to managing contractors… 3. Certifying Access: o We want to do more access reviews, but it’s so time consuming that only the minimum reviews are being done.
1. Visibility into access: What’s Right? How do we assign roles and entitlements? Time with the company Amountofentitlements Entitlement ‘creep’: • How do you manage this? • How do justify removing entitlements?
1. Visibility into access: What’s Right? How do we assign roles and entitlements? Issues with this approach: • Are the starting roles even right? • How do you know you haven’t over- or under- provisioned? • Are the people getting these roles similar enough? User 1 Department: A User 2 Department: A New User 3 Department: A Amount of matches in entitlements: 10/10 Percentage: 100% Good match for new User Role Conventional Approach:
What’s Right? Optimal Approach: Visual Grouping: A system that allows automatic grouping of like entitlements; roles are seen as overlays to incoming data
Available Entitlements 2. Third Party User Management HR System IGA System X Open Accounts: Preferred targets for criminal operators
May June July August September October November 3. Certifying Access How do I review so many entitlements? Certification review Cycle Timeneededforreview Entitlements per Employee Manager Employees Why so much time needed to run Certifications?
This is what a Manager has to review… “Where do I even start, and when will I have time for this? Answer: Let’s make things easier…
Data Visualization
Summary 1. Visibility into access o Typically, the longer you’re here, the more access you accumulate. o Answer: Keep visibility into entitlement growth by instituting an IGA program that continuously monitors entitlements and provides an easy visualization into the state of the business. 2. Third Party User Management: o It’s the Wild West when it comes to managing contractors… o Answer: Incorporate contractors into your IGA program/suite. This ensures continual vigilance and reduction of your attack surface area. 3. Certifying Access: o We want to do more access reviews, but it’s so time consuming that only the minimum reviews are being done. o Answer: Make things easier for your reviewers; provide them the tools necessary to perform quick reviews!
THANK YOU! © 2018 by SecureAuth + Core Security All rights reserved

Recommended

3 Ways Machine Learning Facilitates Fraud Detection
3 Ways Machine Learning Facilitates Fraud Detection3 Ways Machine Learning Facilitates Fraud Detection
3 Ways Machine Learning Facilitates Fraud DetectionTyrone Systems
 
Boomtrain deck
Boomtrain deck Boomtrain deck
Boomtrain deck Tim Yandel
 
False Website Downtime Alerts Are More Than a Nuisance
False Website Downtime Alerts Are More Than a NuisanceFalse Website Downtime Alerts Are More Than a Nuisance
False Website Downtime Alerts Are More Than a NuisanceDavis J Martin
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demoforkish
 
4 ways to defend against internal attacks
4 ways to defend against internal attacks4 ways to defend against internal attacks
4 ways to defend against internal attacksCourion Corporation
 
4 Ways to Defend Against Internal Attacks
4 Ways to Defend Against Internal Attacks4 Ways to Defend Against Internal Attacks
4 Ways to Defend Against Internal AttacksKevin O'Connor
 
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...PECB
 
The 3 core indicators
The 3 core indicatorsThe 3 core indicators
The 3 core indicatorsSoft Intelligence
 

Recommended

3 Ways Machine Learning Facilitates Fraud Detection
3 Ways Machine Learning Facilitates Fraud Detection3 Ways Machine Learning Facilitates Fraud Detection
3 Ways Machine Learning Facilitates Fraud DetectionTyrone Systems
 
Boomtrain deck
Boomtrain deck Boomtrain deck
Boomtrain deck Tim Yandel
 
False Website Downtime Alerts Are More Than a Nuisance
False Website Downtime Alerts Are More Than a NuisanceFalse Website Downtime Alerts Are More Than a Nuisance
False Website Downtime Alerts Are More Than a NuisanceDavis J Martin
 
Cloud Compliance Use Case Demo
Cloud Compliance Use Case DemoCloud Compliance Use Case Demo
Cloud Compliance Use Case Demoforkish
 
4 ways to defend against internal attacks
4 ways to defend against internal attacks4 ways to defend against internal attacks
4 ways to defend against internal attacksCourion Corporation
 
4 Ways to Defend Against Internal Attacks
4 Ways to Defend Against Internal Attacks4 Ways to Defend Against Internal Attacks
4 Ways to Defend Against Internal AttacksKevin O'Connor
 
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...PECB
 
The 3 core indicators
The 3 core indicatorsThe 3 core indicators
The 3 core indicatorsSoft Intelligence
 
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...Shannon Olsen
 
Credit Union Cyber Security
Credit Union Cyber SecurityCredit Union Cyber Security
Credit Union Cyber SecurityStacy Willis
 
PayrollHero Manager's TAS Guide
PayrollHero Manager's TAS GuidePayrollHero Manager's TAS Guide
PayrollHero Manager's TAS GuidePayrollHero
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Wendy Knox Everette
 
Kellogg Video Essay Question List. Online assignment writing service.
Kellogg Video Essay Question List. Online assignment writing service.Kellogg Video Essay Question List. Online assignment writing service.
Kellogg Video Essay Question List. Online assignment writing service.Ashley Opokuaa
 
service metrics at ITSMFUSA 2008
service metrics at ITSMFUSA 2008service metrics at ITSMFUSA 2008
service metrics at ITSMFUSA 2008guest904c03
 
FixNix 17 products1.0
FixNix 17 products1.0FixNix 17 products1.0
FixNix 17 products1.0FixNix Inc.,
 
PKF S&S_Newsletter Issue No 5-2013
PKF S&S_Newsletter Issue No 5-2013PKF S&S_Newsletter Issue No 5-2013
PKF S&S_Newsletter Issue No 5-2013Sriram Kannan
 
ppt on e crime management system
ppt on e crime management systemppt on e crime management system
ppt on e crime management systemKrishna Kinkar Jha
 
Mf0013 internal audit and control
Mf0013 internal audit and controlMf0013 internal audit and control
Mf0013 internal audit and controlsmumbahelp
 
How to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsHow to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsIvanti
 
SPI_Conference_Handling Breakups to Save Future Headaches_Final
SPI_Conference_Handling Breakups to Save Future Headaches_FinalSPI_Conference_Handling Breakups to Save Future Headaches_Final
SPI_Conference_Handling Breakups to Save Future Headaches_FinalCurtis Weldon
 
20190110 LeanKanban Meetup Story Splitting and Automated Testing
20190110 LeanKanban Meetup Story Splitting and Automated Testing20190110 LeanKanban Meetup Story Splitting and Automated Testing
20190110 LeanKanban Meetup Story Splitting and Automated TestingCraeg Strong
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDITRos Dina
 
5 forces incident problem mgmt-presentation
5 forces incident problem mgmt-presentation5 forces incident problem mgmt-presentation
5 forces incident problem mgmt-presentationAnna Sadokhina
 
ITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesSlideTeam
 
Mf0013 & internal audit & control
Mf0013 & internal audit & controlMf0013 & internal audit & control
Mf0013 & internal audit & controlsmumbahelp
 
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docxSix Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docxSameerShaik43
 
Mf0013 & internal audit & control
Mf0013 & internal audit & controlMf0013 & internal audit & control
Mf0013 & internal audit & controlsmumbahelp
 
Nextcard Case Essay
Nextcard Case EssayNextcard Case Essay
Nextcard Case EssayAngie Jorgensen
 
Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Core Security
 
Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Core Security
 

More Related Content

Similar to How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA)

A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...Shannon Olsen
 
Credit Union Cyber Security
Credit Union Cyber SecurityCredit Union Cyber Security
Credit Union Cyber SecurityStacy Willis
 
PayrollHero Manager's TAS Guide
PayrollHero Manager's TAS GuidePayrollHero Manager's TAS Guide
PayrollHero Manager's TAS GuidePayrollHero
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Wendy Knox Everette
 
Kellogg Video Essay Question List. Online assignment writing service.
Kellogg Video Essay Question List. Online assignment writing service.Kellogg Video Essay Question List. Online assignment writing service.
Kellogg Video Essay Question List. Online assignment writing service.Ashley Opokuaa
 
service metrics at ITSMFUSA 2008
service metrics at ITSMFUSA 2008service metrics at ITSMFUSA 2008
service metrics at ITSMFUSA 2008guest904c03
 
FixNix 17 products1.0
FixNix 17 products1.0FixNix 17 products1.0
FixNix 17 products1.0FixNix Inc.,
 
PKF S&S_Newsletter Issue No 5-2013
PKF S&S_Newsletter Issue No 5-2013PKF S&S_Newsletter Issue No 5-2013
PKF S&S_Newsletter Issue No 5-2013Sriram Kannan
 
ppt on e crime management system
ppt on e crime management systemppt on e crime management system
ppt on e crime management systemKrishna Kinkar Jha
 
Mf0013 internal audit and control
Mf0013 internal audit and controlMf0013 internal audit and control
Mf0013 internal audit and controlsmumbahelp
 
How to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsHow to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsIvanti
 
SPI_Conference_Handling Breakups to Save Future Headaches_Final
SPI_Conference_Handling Breakups to Save Future Headaches_FinalSPI_Conference_Handling Breakups to Save Future Headaches_Final
SPI_Conference_Handling Breakups to Save Future Headaches_FinalCurtis Weldon
 
20190110 LeanKanban Meetup Story Splitting and Automated Testing
20190110 LeanKanban Meetup Story Splitting and Automated Testing20190110 LeanKanban Meetup Story Splitting and Automated Testing
20190110 LeanKanban Meetup Story Splitting and Automated TestingCraeg Strong
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDITRos Dina
 
5 forces incident problem mgmt-presentation
5 forces incident problem mgmt-presentation5 forces incident problem mgmt-presentation
5 forces incident problem mgmt-presentationAnna Sadokhina
 
ITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesSlideTeam
 
Mf0013 & internal audit & control
Mf0013 & internal audit & controlMf0013 & internal audit & control
Mf0013 & internal audit & controlsmumbahelp
 
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docxSix Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docxSameerShaik43
 
Mf0013 & internal audit & control
Mf0013 & internal audit & controlMf0013 & internal audit & control
Mf0013 & internal audit & controlsmumbahelp
 

Similar to How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA) (20)

A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
A Detailed Explanation On The Marking Criteria For Ielts Writing Task 1 ...
 
Credit Union Cyber Security
Credit Union Cyber SecurityCredit Union Cyber Security
Credit Union Cyber Security
 
PayrollHero Manager's TAS Guide
PayrollHero Manager's TAS GuidePayrollHero Manager's TAS Guide
PayrollHero Manager's TAS Guide
 
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie...
 
Kellogg Video Essay Question List. Online assignment writing service.
Kellogg Video Essay Question List. Online assignment writing service.Kellogg Video Essay Question List. Online assignment writing service.
Kellogg Video Essay Question List. Online assignment writing service.
 
service metrics at ITSMFUSA 2008
service metrics at ITSMFUSA 2008service metrics at ITSMFUSA 2008
service metrics at ITSMFUSA 2008
 
FixNix 17 products1.0
FixNix 17 products1.0FixNix 17 products1.0
FixNix 17 products1.0
 
PKF S&S_Newsletter Issue No 5-2013
PKF S&S_Newsletter Issue No 5-2013PKF S&S_Newsletter Issue No 5-2013
PKF S&S_Newsletter Issue No 5-2013
 
ppt on e crime management system
ppt on e crime management systemppt on e crime management system
ppt on e crime management system
 
Mf0013 internal audit and control
Mf0013 internal audit and controlMf0013 internal audit and control
Mf0013 internal audit and control
 
How to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsHow to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access Rights
 
SPI_Conference_Handling Breakups to Save Future Headaches_Final
SPI_Conference_Handling Breakups to Save Future Headaches_FinalSPI_Conference_Handling Breakups to Save Future Headaches_Final
SPI_Conference_Handling Breakups to Save Future Headaches_Final
 
20190110 LeanKanban Meetup Story Splitting and Automated Testing
20190110 LeanKanban Meetup Story Splitting and Automated Testing20190110 LeanKanban Meetup Story Splitting and Automated Testing
20190110 LeanKanban Meetup Story Splitting and Automated Testing
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDIT
 
5 forces incident problem mgmt-presentation
5 forces incident problem mgmt-presentation5 forces incident problem mgmt-presentation
5 forces incident problem mgmt-presentation
 
ITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation SlidesITIL Incident Management Workflow PowerPoint Presentation Slides
ITIL Incident Management Workflow PowerPoint Presentation Slides
 
Mf0013 & internal audit & control
Mf0013 & internal audit & controlMf0013 & internal audit & control
Mf0013 & internal audit & control
 
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docxSix Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
Six Reasons Businesses Can Benefit from Applicant Tracking Systems.docx
 
Mf0013 & internal audit & control
Mf0013 & internal audit & controlMf0013 & internal audit & control
Mf0013 & internal audit & control
 
Nextcard Case Essay
Nextcard Case EssayNextcard Case Essay
Nextcard Case Essay
 

More from Core Security

Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Core Security
 
Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Core Security
 
Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career Core Security
 
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Core Security
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeCore Security
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Core Security
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Core Security
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityCore Security
 
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...Core Security
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Core Security
 
Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security Core Security
 
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...Core Security
 
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...Core Security
 
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...Core Security
 
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...Core Security
 
The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security Core Security
 
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityCore Security
 
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Core Security
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016Core Security
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sectorCore Security
 

More from Core Security (20)

Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks
 
Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1
 
Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career
 
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
 
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...
 
Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security
 
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
 
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
 
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
 
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
 
The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security
 
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
 
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
 

Recently uploaded

Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 

Recently uploaded (20)

Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 

How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA)

  • 1. Identity Governance and Administration (IGA) What are the top problems?
  • 2. What are the Top 3 Problems in IGA? 1. Visibility into access o Do you really have the right access? How has an employee’s access changed over their lifecyle within the organization? Typically, the longer you’re here, the more access you accumulate. 2. Third Party User Management: o It’s the Wild West when it comes to managing contractors… 3. Certifying Access: o We want to do more access reviews, but it’s so time consuming that only the minimum reviews are being done.
  • 3. 1. Visibility into access: What’s Right? How do we assign roles and entitlements? Time with the company Amountofentitlements Entitlement ‘creep’: • How do you manage this? • How do justify removing entitlements?
  • 4. 1. Visibility into access: What’s Right? How do we assign roles and entitlements? Issues with this approach: • Are the starting roles even right? • How do you know you haven’t over- or under- provisioned? • Are the people getting these roles similar enough? User 1 Department: A User 2 Department: A New User 3 Department: A Amount of matches in entitlements: 10/10 Percentage: 100% Good match for new User Role Conventional Approach:
  • 5. What’s Right? Optimal Approach: Visual Grouping: A system that allows automatic grouping of like entitlements; roles are seen as overlays to incoming data
  • 6. Available Entitlements 2. Third Party User Management HR System IGA System X Open Accounts: Preferred targets for criminal operators
  • 7. May June July August September October November 3. Certifying Access How do I review so many entitlements? Certification review Cycle Timeneededforreview Entitlements per Employee Manager Employees Why so much time needed to run Certifications?
  • 8. This is what a Manager has to review… “Where do I even start, and when will I have time for this? Answer: Let’s make things easier…
  • 10. Summary 1. Visibility into access o Typically, the longer you’re here, the more access you accumulate. o Answer: Keep visibility into entitlement growth by instituting an IGA program that continuously monitors entitlements and provides an easy visualization into the state of the business. 2. Third Party User Management: o It’s the Wild West when it comes to managing contractors… o Answer: Incorporate contractors into your IGA program/suite. This ensures continual vigilance and reduction of your attack surface area. 3. Certifying Access: o We want to do more access reviews, but it’s so time consuming that only the minimum reviews are being done. o Answer: Make things easier for your reviewers; provide them the tools necessary to perform quick reviews!
  • 11. THANK YOU! © 2018 by SecureAuth + Core Security All rights reserved