CISO Executive Network Tuesday, August 31, 2021
Identity & Access Controls As the New Perimeter
We have all played the Truth or Dare game. Truth is we hear a lot about Identity being the new perimeter, yet we still use passwords as a key control. We Dare you in this upcoming series on IAM to give us your IAM best practices and share how we can really make Identity the new perimeter.
What reportable metrics show you are using IAM to effectively control risk?
Security Controls Covered: IGA, PIM/PAM, MFA/2FA, SSO, UEBA
We continuously hear that “Identity is the New Perimeter” and we need to adopt “Zero Trust Models.” Are these paradigms the next stages of evolution for our IAM programs?
As we open up our applications and data to customers, clients, and other third par-ties, knowing who is accessing our data becomes even more critical to security. We must trust that the entity accessing our data is who they say they are and ensure they have only the appropriate access.
And yet we must not interfere with the user experience. Multiple types
of solutions have been offered from the vendor community in the IAM space to ad-dress specific pieces of the problem; some in response to regulations, and now, more often, to enhance user experience with as little friction as possible. In this se-ries, we will discuss all things IAM and how to improve this critical program.
- Identity as the new perimeter and what that means from a pragmatic/practical view for our overall security program
- Feasibility of Zero Trust
- The role of identity and access management in Zero Trust models
- MFA/2FA Everywhere – is that table stakes or a dream?
- IGA – identity governance and admin, including joiners, movers, and leavers & certification reviews
- PIM/PAM – managing privileged users
- “C” IAM – consumers, customers, citizens, or constituents – we have to man-age their identities
- Passwordless IAM – is it possible or even practical? Can we eliminate pass-words?
- Risk and Context Based Authentication – from SSO to frictionless authentication
- IDaaS – Identity-as-a-Service
- Getting to least privilege
- Impact of IAM on user experience and how to win over the business
- Managing identity in a multi-cloud environment
Sponsored by CyberArk, Okta, Beyond Identity