Options include IP address geolocation, machine fingerprints, transaction types, and single sign-on (SSO) solutions that improve password quality because users have only one, higher-quality password to remember. It also makes forgotten password recovery and reset much easier, reducing the risks associated with a data breach in the case of a password compromise. Without centralized access management, if one password is compromised, there is no way of telling if other passwords were breached and need to be reset. If there is only one password to all applications, then resetting that password will take care of re-securing access to all applications.
Integration with SaaS applications leads the way to IAM outsourcing. SaaS applications can be integrated seamlessly into the corporate IAM ecosystem, and provisioned and deprovisioned with user accounts. Doing so forces firms to rethink their identity management infrastructure. This refactoring of identity services is fairly common, and it creates a reusable, lower-cost identity fabric if done properly. This identity fabric then yields itself to the partial -- or even full -- outsourcing of identity management to managed security services providers (MSSPs) like Covisint, FuGen, Simeio Solutions, Symplified, VeriSign, Wipro.
It is also important to note in these economic times that the IT organizations that have deployed IAM solutions are helping to reduce costs on IT administration by automating the process of adding, modifying, and deleting users, minimizing audit remediation costs by controlling access to critical enterprise resources like ERP, Web, and thick client applications, and avoiding or reducing the cost of a data breach.
Despite the cut in costs that IAM may provide, security budgets have traditionally been difficult to defend in organizations. Executive management views security and IAM investment as something of a checklist item that will help the company get through an audit, or as a hasty follow-up measure after a security incident (system or data breach, etc.). IT managers should still be prepared to provide hard and fast numbers and statistics when discussing these items with your budget approvers.
Measure the impact of an IAM rollout using easy metrics that translate into dollars. Nothing conveys the value of the IAM project better than its contribution to reduced call center costs due to fewer helpdesk calls, fewer audit findings -- and thus lower cost of mitigation of audit findings around user access recertification. An additional benefit is improved productivity of adequately provisioned users (having all access to applications when they start versus having to wait two to three weeks for all access to be granted).
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.