Develop a User Management Strategy
Users are the number one security risk. Since you can't operate without them, you'd best be able to control them.
- Users are not hired to be security or compliance experts, but their daily actions can have significant ramifications on enterprise security and compliance efforts. Enterprises simply can't afford these headaches.
- User Management technologies include a wide range of solutions, with new niches opening up and new players entering the market all the time. Keeping current with all these offerings can overwhelm even the most seasoned IT professionals.
- Ensuring solid security and compliance means building a comprehensive and well-thought out User Management strategy, and doing it without breaking the bank.
Our Advice
Critical Insight
- Identity & Access Management is the pinnacle of User Management technologies as it rolls up the functionality of most other tools. If your enterprise is considering implementing at least two dedicated User Management tools (Single Sign-On, Automated Provisioning, Activity Monitoring and Reporting) you may realize cost savings with a dedicated IAM solution instead.
- Though not strictly a solution to manage users per se, Multi-Factor Authentication integrates well with most User Management solutions, particularly those that are focused on user access (Password Management and Single Sign-On), ensuring a higher level of assurance that authenticating users are who they say they are.
- Tools are all well and good, but at the end of the day, they support the policies and procedures that you put in place; you must take the time to establish these process aspects of your User Management strategy, or the tools you put in place will have nothing to enforce.
Impact and Result
- User Management technologies often have overlapping capabilities, and don’t come cheap, in some cases costing into the hundreds of dollars per user. Understanding which capabilities are required and those which are not, can allow enterprises to achieve appropriate protection, without investing in duplicate or unnecessary capabilities.
About Info-Tech
Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.
We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
What Is a Blueprint?
A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.
Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.
Contributors
- Corporation of the City of London, Ontario
- Empowered Networks
- Brockville General Hospital
- Ecology & Environment, Inc.
- Acosta, Inc.
Design and Implement a Business-Aligned Security Program
Build an Information Security Strategy
Secure Operations in High-Risk Jurisdictions
Develop a Security Awareness and Training Program That Empowers End Users
Build, Optimize, and Present a Risk-Based Security Budget
Hire or Develop a World-Class CISO
Fast Track Your GDPR Compliance Efforts
Build a Cloud Security Strategy
Identify the Components of Your Cloud Security Architecture
Security Priorities 2022
2020 Security Priorities Report
Manage Third-Party Service Security Outsourcing
Select a Security Outsourcing Partner
Improve Security Governance With a Security Steering Committee
The First 100 Days as CISO
Determine Your Zero Trust Readiness
Cost-Optimize Your Security Budget
Threat Preparedness Using MITRE ATT&CK®
Build a Zero Trust Roadmap
Security Priorities 2023
Security Priorities 2024
Grow Your Own Cybersecurity Team
Security Priorities 2025
Create a Zero Trust Implementation Plan
Build Adaptive Security Services
Run IT By the Numbers
Transform IT, Transform Everything
The Race to Develop Talent
Assessing the AI Ecosystem
Bring AI Out of the Shadows
IT Spend and Staffing Benchmarking
The Security Playbook
Security Priorities 2026