This is a guest blog post by Core UK.
Identity and Access Management (IAM) - The systems, policies and processes used by an organisation to perform user lifecycle management and to determine which users are permitted to access what information and how.
IAM is an integral part of any organisation’s IT security. In the lead up to – and wake of – GDPR, organisations have become increasingly aware of the need to get Identity and Access Management right within the context of their organisation. Addressing IAM issues throws up lots of questions that you may not have considered before:
- What risk to security do access rights pose?
- Have leavers had their access and rights properly removed?
- Do employees have too many access rights?
- Do I audit how / when users were given those access right?
These are all common questions your organisation may now be asking… and if it isn’t, it should.
Core’s Identity and Access Management solution exists to solve the issues around user rights and user lifecycle that many organisations face. Running as part of our Aurora system, our solution helps organisations control user rights and access using a principle of ‘least privilege’ implemented by an enterprise level Role Based Access Control (RBAC) system, which can be configured to your company’s exact requirements.
Enterprise IAM solutions are a proven way to effectively control your users identity lifecycle and user access rights. But as with many projects, the Core team found that once we had been in and implemented the solution and handed over to the business, the IT team was then on to the next project and the IAM solution was neglected by the IT teams going forward.
Generally, there was no team, or even an allocated individual, managing identity and access on an ongoing basis. Core would train staff when the solution was implemented, but afterwards, the identity product would often be neglected and rules and policies weren’t kept up to date as the business grew and evolved. Identity and Access Management is such an important part of a company’s IT infrastructure, we felt there had to be a better way to manage and maintain the IAM solution; especially given the potential repercussions of GDPR.
Identity as a Service (IDaaS) is the ideal way to maintain effectiveness and ensure customers get the most out of our IAM solution, while keeping control of identity and access rights in their organisation. Providing IDaaS continually adds value; the product is maintained at the latest version and the business can request changes to workflows and policies as their joiners/leavers process changes or they need to comply with new regulations such as GDPR. IDaaS delivery continual value to the business time and time again.
To deliver Identity as a Service to our customers, we partnered with a leader in the identity and access management space, One Identity, integrating their innovative software with our own Aurora cloud platform to provide a best-in-class IAM solution.
One Identity’s IAM software solutions include Identity Management, Identity Governance and Privileged Access Management. These solutions are used by businesses across a range of sectors, including financial services, government, higher education, healthcare and retail, to help them address the challenges of access management. Using these solutions, managers can make informed decisions about user access and define a clear path to governance, access control and privileged management.
One Identity's innovation has given Core greater access to our customers. It lets us layer the solution we have provided with extra privileges, account management and other cloud services which are all value adds and let customers get the most from their IAM solution. As a result, customers directly benefit from the partnership that Core and One Identity have forged.
Another such add-on, is One Identity’s Starling platform, which adds an additional layer of security to Identity and Access Management through two-factor authentication and continuous monitoring of the environment to identify vulnerabilities and areas of high-risk.
Core’s Identity as a Service is currently used by around 45,000 identities in large-scale organisations around the world, including government bodies. The high volume of users is just one reason we were awarded the prestigious UK Partner of the Year Award at One Identity’s 2018 UNITE conference in Nice.
Looking ahead to the future, a focus on Identity and Access Management is a natural progression for Managed Services Providers; particularly as their customers become more aware and concerned with getting IAM right and embrace cloud services. As companies embrace the cloud and everything that comes with it, like cloud identity sprawl, IAM is going to become pivotal for most organisations.
If organisations want to adopt and embrace the cloud without posing a risk to their IT security, then using an MSP for Identity as a Service is the ideal solution.