Managing Identities & Access

Most of our members are investing in core areas of the Zero Trust model including MFA/2FA, privileged identity management, and context-based access without typically thinking of it as a Zero Trust program. We have seen a low business tolerance around anything called Zero Trust. In this series we will discuss using IAM to enable trusted transactions and move toward ultimate trust.

Stolen credentials are the most effective attack vector. Walking through the front door makes you seem legitimate and gets you to your targets much easier. Continued attention on strong IAM controls is a staple of any effective information security program. Strong authentication, monitoring user account behavior, privileged account management, and least privileged access controls continue to be vital. In this series we will hear from members and industry experts about the latest best practices in identity and access management.

Topics we are likely to discuss include:

  • Importance of strong authentication methods including multi-factor (MFA) and 2FA at the user and consumer level
  • User and entity behavior analytics (UEBA)
  • Incorporating non-technical behaviors in analytics
  • Value of incorporating IAM into SOC for better analytics
  • Role of Identity Governance and Administration (IGA)
  • Likelihood of convergence between physical and logical security
  • Movement toward Identity-as-a-Service
  • Challenge of managing identities from outside your enterprise
  • Privileged Identity Management (PIM)
  • The role of identity and access management in Zero Trust models
  • User lifecycle management including the use of roles
  • Setting scope of IAM program to ensure only high ROI components are in infosec

Sponsored by Okta, IBM & Beyond Identity