Identity and access management (IAM) isn’t something you do once and then forget about. It’s an ongoing process, a critical part of your infrastructure that demands continuous management. Even if you have a fully implemented directory, it’s never too late to take advantage of best practices to help continuously manage this crucial part of your environment.
A key insight about identity and access management is beginning to emerge in our industry: contrary to common practice, IT should not be heavily involved in identity management. Too often, IT is placed in the role of “gatekeeper” simply because only IT has the tools needed to manage identity. But with the right identity management tools in place, IT maintains the tools and infrastructure, and the business controls the actual identities.
Here are eight key practices, gleaned from years of experience and informed by this key insight, that will help you improve your identity management system to ensure better security, efficiency and compliance.