Deutsche Version  English Version
About usServicesProducts

 

Identity and Access Management

Technological complexity threatens the security of information, data and systems. A convergent identity and build-up management for access platforms solves this challenge.

The growing number of decentralized systems in business overwhelm IT management with increasingly confusing access and rights structures. Operating systems, data bases, applications and internet platforms insert their own identification and authentication mechanisms. A cross-product standardization is still a scarce commodity. The increasing number of accounts and passwords to be managed burdens the user. 

 

IAM – a real benefit for your company

Identity & Access Management (IAM) reduces the variety of identifications and individual information the user needs in order to access applications, resources and IT systems and combines them into a single identity. A successful IAM provides improved efficiency, cost reduction, productivity gains, business agility and security increase, simultaneously minimizing risks and complying with governance.

Security technology does not need to limit functionality or be difficult to manage. The automation of activities like user account setting or modification etc. relieves IT management and user help desk and releases resources for demanding activities. 

 

The 4-A Strategy (as per Gartner-Group)

ISPIN has many years of experience in Identity & Access Management projects. Many of the problems in IAM projects are not technical but concern organizational measurements, operational processes, employee communication or psychological aspects. This makes a pragmatic proceeding in IAM projects indispensable in the sense of «Think big – start small».

 

Implementation of the 4 A

  • Authentication – who am I? User identification, password control, strong authentication, Single Sign-On, employees inside and outside the company.
  • Authentication – what am I allowed to do? Authorization concept, role models, data owners and responsibilities.
  • Auditing – what happened? Traceability of accesses, reporting, auditing, regulatory standards compliance (for example SOX or Basel II), incident handling, vulnerability assessment.
  • Administration – who manages what and how? Assignment, authorization, responsibilities, setting and maintenance processes (workflow), automation grade. 

 

The IAM model

The ISPIN procedure model allows a comprehensive view of the IAM landscape with regard to organisation, processes and infrastructure. Following a standardised pattern, the IAM fitness of existing IT systems is checked. Parallel with this, an analysis of strategic objectives and guidelines is executed from the perspective of business and IT management as well as with regard to current regulatory requirements. The IAM relevant standards will be developed in joint workshops. Current projects are taken into consideration as well as planned projects. Exact implementation suggestions are the basis for the IAM Roadmap development.

 

back »