Build an Identity Security Services Plan
Secure your weakest links: your users.
RETIRED CONTENT
Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.Common challenges include:
- Increased vulnerability to attacks due to improperly managed user accounts.
- Neglectful users leaving passwords in visible areas.
- Third-party users with higher than necessary access to your systems.
- Help desk inefficiency related to password-related requests.
Outcome of this workshop:
- Reduced help desk costs due to password resets through self-service.
- Reduced help desk costs and cycle times in regards to provisioning/deprovisioning accounts through automation.
- Increased overall security,
- Increased control and visibility over user authentication, authorization, and access.
- Increased focus on the critical systems instead of getting caught up in the complexities of every single role and user group.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Module 1: Make the Case
The Purpose
- Establish why you should care about identity management.
- Understand what happens when you choose not deal with user access.
- Understand how identity security fits into your overall security portfolio.
- Track metrics to save money and streamline your processes.
Key Benefits Achieved
- Support for why this project is valuable.
- Metrics to apply to your own help desk operations to track successes and cost savings.
| Activities: | Outputs: | |
|---|---|---|
| 1.1 | Understand the importance of this Blueprint to your overall operations, security and spending. |
|
| 1.2 | Understand metrics around help desk costs and operations that you can track. |
|
Module 2: Identify users and what they can access
The Purpose
- Identify user groups in your applications/systems.
- Understand which groups are critical based on their overall sensitivity.
- Prioritize applications and systems based on sensitivity to prepare for a user audit.
Key Benefits Achieved
- Create a re-executable process for preparing to audit your user groups by focusing on critical applications/systems first.
| Activities: | Outputs: | |
|---|---|---|
| 2.1 | Identify your top five applications/systems to work on first. |
|
| 2.2 | Identify the user groups and the owner of that application/system. |
|
| 2.3 | Establish the sensitivity level of that application/system and the user groups in preparation for an audit. |
|
| 2.4 | Prioritize those applications/systems based on sensitivity levels. |
|
Module 3: Prepare to audit user access appropriateness
The Purpose
- Identify your user groups in your applications/systems.
- Understand which are your critical groups based on their overall sensitivity.
- Prioritize applications and systems based on sensitivity to prepare for a user audit.
Key Benefits Achieved
Create a re-executable process for preparing to audit your user groups by focusing on critical applications/systems first.
| Activities: | Outputs: | |
|---|---|---|
| 3.1 | Identify your top five applications/systems to work on first. |
|
| 3.2 | Identify the user groups and the owner of that application/system. |
|
| 3.3 | Establish the sensitivity level of that application/system and the user groups in preparation for an audit. |
|
| 3.4 | Prioritize those applications/systems based on sensitivity levels. |
|
Module 4: Identify current identity management practices
The Purpose
- To identify what your organization is currently doing well.
- To determine gaps in your current processes, policies, and technologies.
Key Benefits Achieved
- Finding ways to optimize what your organization currently implements.
- Identifying where improvements can be made to increase efficiency and cost savings.
| Activities: | Outputs: | |
|---|---|---|
| 4.1 | Identify current technologies, policies, and processes currently in place with IAM Controls Analysis Tool. |
|
| 4.2 | Perform gap analysis with the IAM Controls Analysis Tool. |
|
| 4.3 | Optimize what you currently have in place. |
|
Module 5: Create implementation roadmap
The Purpose
- Identify the top 10 controls your organization should pursue to close the gaps in your identity management processes.
Key Benefits Achieved
- Instead of doing too much all at once, this module uses your data to create a customized and prioritized list of controls that address the gaps in your identity management strategy.
| Activities: | Outputs: | |
|---|---|---|
| 5.1 | Identify your top 10 controls to apply to your identity management strategy with the IAM Controls Analysis Tool. |
|
| 5.2 | Understand what each user group requires in terms of identity management controls. |
|
| 5.3 | Develop an Identity and Access Management Policy. |
|