Over the past few years I have been gathering knowledge on what "Identity Mangement" (IDM) is and what a good IDM system can do for companies. At first, it was a concept that seemed too easy: automate your identity flow between systems that need the information, so that your corporate systems like phone directories, user authentication directories, etc. can all be updated in near real-time. This would help when users are hired, modified, or terminated. This also would help with various regulatory compliance efforts.
So, after years of learning (trust me, I am stil learning every single day), I wrote an article for the ISSA (Information Systems Security Association) and was published in a recent issue! It is my first time being published, and I am extremely proud. The article focused on Identity Management issues in Healthcare, one of the more heavily regulated industries these days.
If you would like a copy of the article I wrote, feel free to let me know - I have permission from the ISSA to share it...
I want to start a thread here - what are YOUR identity management issues where you work? Do you have time gathering and maintaining current contact info on your employees? Do you have an effective way for your employees to update their own contact data? What hapens when an employee is terminated? Is network and application access termninated as soon as HR lets you know, and is the process scripted and able to be audited?
More to come later - have a great weekend...
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment