
Identity and Access Management (IAM)
Why is Identity and Access Management so important
"Why is identity so important? Identity forms the basis for authorization and trust.
NIST draft publication 800-103: “An Ontology of Identity Credentials”
An effective IAM system is the foundation to a more secure, easier to manage, lower cost security architecture. In the world of SaaS applications and remote employees, the old moat around the perimeter is no longer truly able to provide a level of security to accommodate the dynamic and porous organization of today. Instead, building security around identity gives security teams the ability to establish much higher degrees of security, control and responsiveness while lowering cost to operate and levels of management. Two essential benefits in a world of budget constraints and difficulty finding skilled resources
With a robust IAM system in place, organizations can:
-
Implement multi-factor authentication
-
Monitor for suspicious activity
-
Control access to sensitive information and resources
-
Reduce the risk of unauthorized access, data breaches, and other cyber threats
-
Provide detailed audit trails, making it easier to detect and investigate security incidents
-
Streamline IT processes by automating the provisioning and de-provisioning of users
-
Reduce the time and effort required to manage user accounts
-
Reduce manual errors, which can lead to security breaches
-
Comply with industry regulations, such as HIPAA and PCI-DSS, and avoid costly fines
Why choose Zephon to help with your IAM needs
-
Our leadership has over 25 years of deep experience working on complex large scale IAM projects
-
We know how to recruit only the most experienced and skilled staff with proven hands on IAM project experience. This ensures we can accomplish more, while maintaining the highest level of excellence
-
Our rich experience ensures clients are not left with security gaps. All systems designed and implemented are robust, scalable and work with minimal supervision
-
Zephon’s team has Public Trust security clearance so you can feel safe that the sensitive work of IAM is in the right hands
Success Story
Challenge
Internal Revenue Service (IRS), Office of Information Technology and Cybersecurity - As part of the CDM (Continuous Diagnostics and Mitigation) the IRS wanted to replace the existing custom identity access governance solution with a COTS (commercial off the shelf) product and migrate half a million entitlements and over hundred thousand users to the new system without any user impact while keeping the access audit trail intact. The access request workflow was highly complex with up to 10 levels of approval and different approval groups for each type of request. The new solution also had to support access certifications (privileged and non-privileged) for all users and extensive reporting requirements. Also, while the existing solution was on-premises, the new solution was to be hosted in AWS GovCloud, the first of its kind at the IRS.
Solution
Zephon, working alongside its prime contractor, replaced the existing custom Oracle Forms based solution with a SailPoint IdentityIQ-based solution as the organizational identity governance solution, migrating all users and entitlements. The system also integrates with CyberArk to govern privileged access, and Splunk for reporting, monitoring and dash-boarding. The new solution has passed all GAO and TIGTA audits since going live and has maintained its ATO successfully.
Impact
-
Migrated 100,000+ users and 500,000+ entitlements to a new cloud-hosted identity governance solution
-
No user impact throughout the process
-
Entire access audit history was migrated from the old system to the new
-
Automated all AD related access provisioning
-
All existing access request workflows and approvals were also migrated
-
Developed a custom access model for different levels of access like managers, approvers, help desk, system admins, reporting etc.
-
Developed custom access model for different report categories
-
Have run multiple manager access certifications since go-live
-
Integration with CyberArk for Privileged Access Management to enable a single access governance interface
-
Integration with Splunk to provide detailed monitoring, dashboarding and reporting.
Contact us for a free IAM assessment. Our experts are ready to help.