They say insanity is doing the same thing, the same way, over and over again—and expecting a different result. This sounds a lot like what’s happening in identity governance and administration today. For years, identity teams have taken a siloed, binary approach in which identity governance, day-to-day access management, threat detection and risk management are separate activities that rarely, if ever, intersect. And many organizations continue to do exactly that, even though the result has become predictably disappointing. Fortunately, there’s a more effective way to approach identity governance, by making it part of an integrated, holistic identity strategy. In this approach, identity governance and access control inform each other—and identity and access management, threat detection, and overall governance, risk and compliance (GRC) systems all work together in the interest of improving security. Let’s look at what it means to move toward an integrated approach and how doing so can benefit your organization.
Why Do You Need a More Comprehensive Approach?
At a time when the cloud, mobility and a growing remote workforce are expanding the attack surface, using a siloed approach to identity puts an organization at risk. The siloed approach locks organizations into multiple point solutions that narrowly address individual issues, making it difficult—if not impossible—to pivot and adapt rapidly as threats evolve and regulatory pressure intensifies. This is why it’s time to take steps to improve security by shifting to a more cohesive identity strategy.
Three Ways to Transform Your Identity Strategy
Where do you start? Transforming identity (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Tim Norris. Read the original post at: http://www.rsa.com/en-us/blog/2018-07/how-to-build-a-better-integrated-identity-strategy.html