Click here to load reader
Upload
oxford-computer-group
View
142
Download
0
Embed Size (px)
Citation preview
Is there more to
Identity-Driven
Security than marketing hype?
FIVE reasons
why identity is
at the heart of security
Yes!
Synchronization
Enable accurate
authentication/authorization by
synchronizing data
about users & devices across departments, directories,
services & applications.
How?
• Implicitly e.g. Azure AD
syncing with SAAS apps.
• Explicitly using technologies
such as MIM for on-premises
synchronization & AAD.
Connect for bridging cloud
and on-premises.
1
Be joined up
Read more in our blog >>
Authentication Are you who
you say you are?
Synchronize logins and passwords
- one well-managed password is
better than lots written down on
sticky notes.
Even a complex password is not
enough for all circumstances.
Use step-up multi-factor
authentication based on identity
data – who, where, when, what
device etc.
2 Read more in our blog >>
Privileged
Access/Identity
Management
The nightmare scenario: a privileged (e.g. admin) account is compromised.
Getting control of user accounts is very, very easy. Which means it is easy to compromise a workstation.
Then it is just a matter of waiting for a privileged account to cross paths with the workstation – a “sideways move”…
3 Read more in our blog >>
Stop the
bad guys in their tracks!
Privileged Access/Identity Management (PAM/PIM)
ensures that privileged access is only available
when and to the extent it’s necessary.
Privileged Access/Identity
Management 3
Read more in our blog >>
Reliable identity data is the basis for accurate group memberships and claims, so that you can grant access with confidence.
Better still, a centralized, automated roles-based approach enables a new level of authorization management you can trust, with associated reporting, and audit controls.
Effective
Authorization
Management
4
Give proper users timely access, but no-one else
Read more in our blog >>
Periodically verifying that
users have the correct
permissions may be required
by regulations but it is also
plain good sense.
Attestation
(certification) 5
With trustworthy centralized identity data, an
attestation/certification process is much less painful.
Adopting a formal role-based system that chunks up the
underlying permissions, simplifies the process further.
Read more in our blog >>
Next steps
Discover more about
each of these five steps
to identity-driven security
in this blog from identity experts
Oxford Computer Group.
See blog