
IAM Security Automation

Introduction

In today's rapidly evolving digital landscape, ensuring robust security while maintaining operational efficiency is paramount. Combining the strengths of Identity and Access Management (IAM) from Identity Centric and Security Automation from Tines helps us provide a comprehensive solution that enhances security, streamlines processes, and mitigates risks.

Identity and Access Management (IAM)

Identity Centric offers a holistic approach to managing user identities and access within an organisation. The key components of our IAM services include:

  • Leavers, Movers, Joiners (LMJ) Process: Prioritising the 'Leaver' process to mitigate the highest risk, Identity Centric ensures that user provisioning and de-provisioning are handled efficiently and securely. [1][2]
  • Certification Process: An account-first approach with a granular permissions follow-up, ensuring high levels of adoption and effective certifications with real consequences when it comes to risk reduction.
  • External Workforce Management Process: Securely managing identities and access privileges for non-employees such as third-party vendors, contractors, consultants, and temporary staff.
  • Automation and Best Practices: By automating IAM processes, organisations can reduce manual effort, increase efficiency, and improve security compliance. Identity Centric provides standardised processes and templates to streamline IAM implementations, ensuring all critical steps are completed in a timely manner. [3][4]
  • Comprehensive IAM Implementation: Identity Centric offers detailed project plans covering all aspects of IAM implementation, from initial risk analysis and stakeholder identification to infrastructure requirements and operational processes. [5]

Security Automation

Tines revolutionises security operations with its no-code Security Orchestration, Automation, and Response (SOAR) platform. Key features include:

  • Workflow Automation: Tines enables the creation of automated workflows that connect various systems, ensuring consistency and transparency in security operations. This reduces the workload on security teams and allows them to focus on high-priority tasks. [6][7]
  • Incident Response and Enrichment: Tines automates the enrichment of security alerts with contextual information, helping analysts quickly determine the severity of incidents. Automated responses can include isolating machines, blocking domains, and resetting passwords, significantly reducing the mean time to action. [7][8]
  • Ease of Use and Integration: With a user-friendly, no-code interface, Tines allows even non-technical users to build and manage workflows. Its ability to integrate with any API ensures seamless connectivity with existing tools and systems, enhancing overall security posture. [9][10]

Collaborative Strengths

Combining the strengths of Identity Centric's IAM solutions with Tines' security automation capabilities offers several benefits:

  • Enhanced Security: Automated IAM processes reduce the risk of human error and ensure timely de-provisioning of access, while automated security workflows quickly address threats and vulnerabilities.
  • Operational Efficiency: Both platforms streamline processes, reducing manual effort and freeing up resources to focus on strategic initiatives.
  • Risk Mitigation: Comprehensive IAM and automated incident response workflows ensure that security policies are consistently enforced, reducing the risk of data breaches and compliance violations.
  • Scalability and Flexibility: The combined solution is scalable to meet the needs of enterprises of all sizes and flexible enough to integrate with a wide range of existing tools and systems.

Conclusion

By integrating Identity Centric's robust IAM solutions with Tines' advanced security automation platform, organisations can achieve a higher level of security and operational efficiency. This combined approach not only protects sensitive information but also empowers security teams to operate more effectively in an increasingly complex threat landscape.

Citations

[1] https://www.identitycentric.com
[2] https://www.identitycentric.com/identity-and-access-management-services
[3] https://www.identitycentric.com/post/iam-a-short-story
[4] https://www.identitycentric.com/blog
[5] https://www.identitycentric.com/post/taking-control-a-step-by-step-guide-to-a-successful-iam-implementation
[6] https://www.tines.com/blog/getting-started-security-automation/
[7] https://www.tines.com/playbooks/no-code-automation-for-security-teams/
[8] https://www.tines.com/blog/soar-tools-what-to-look-for-before-investing-in-security-automation/
[9] https://www.tines.com/guides/essential-guide-to-workflow-automation/security/
[10] https://www.tines.com/blog/soar-tools-what-to-look-for-before-investing-in-security-automation/

JML - Lifecycles

1. Leavers / Movers / Joiners

Why that order for what's usually known as JML?
(Joiner, Mover, Leaver)

The Leaver process, if not carried out successfully, poses the HIGHEST RISK to a company, so should therefore be dealt with first.

User provisioning is a complex task for administrators, but with good organisation, standardised processes and automation you can ensure that all important steps are completed in a timely manner. This will save your company both time and money. At Identity Centric we can show you many ways of streamlining your Identity programme with the goal of making it successful by using best practices. That does tend to mean that the customisations that your IT guys wanted will have to be carefully considered for inclusion. We've seen far too many projects fail due to customers' insistence that they MUST have various customisations.

2. Risk Approach

With every project we take a Risk approach, i.e. we analyse which elements would be considered the highest risk to a company and tackle those high-risk elements first.

If you have read the analysts' reports about IAM over the years, you'll see that more and more they feature RISK as a good approach to an Identity and Access Management programme. This is simply because the number of identities, accounts and permissions/entitlements has become too much for human beings to handle. If you can segregate high Risk identities and focus on getting them the correct access to the right applications first, then your company risk profile will inevitably go down. Make Risk the focus of your Access reviews and certifications.

LEAVERS

Leavers are generally detected by receiving information from a Human Resources feed.
This can be in the form of a simple leaver flag saying Active=false or can be an End Date field with the person's final work date populated.

Leavers can also be initiated ad-hoc by a Manager via a form in cases where an instant suspension of access is required.

As a result of a trigger like one of the above, a lifecycle event is kicked off: a workflow that suspends access as required via the connected applications, and raises tickets or emails where direct connectivity is not present,
e.g. physical assets, non-connected applications.

Additional Tasks
As well as suspending application accounts for a leaver there are often other tasks to perform. Some of these may include, but are not limited to:

- Archive home folders and place on a remote drive ready for archival storage.

- Notify relevant departments about physical assets that may need to be retrieved.
e.g. Car, Laptop, Phone etc.

- Arrange for device wiping.
e.g. Laptop, Phone.

- Delete application accounts after a pre-configured time.
e.g. 90 Days.
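The leaver trigger and workflow described above can be sketched as follows. This is an added example, not code from Identity Centric or Tines; the field names `accounts` and `assets`, the `CONNECTED` set, the action names and the rule that access ends the day after the final work date are all assumptions, and the feed rows are constructed.

```python
from datetime import date, timedelta

DELETE_AFTER_DAYS = 90                 # the page's example retention period
CONNECTED = {"directory", "email"}     # assumption: apps with direct connectivity

def leaver_trigger(rec, today, manager_request=False):
    """Return the reason an identity is a leaver, or None."""
    if manager_request:                        # ad-hoc form: instant suspension
        return "manager-request"
    # HR feeds often deliver flags as strings, so normalise before comparing.
    if str(rec.get("Active", "true")).strip().lower() == "false":
        return "inactive-flag"
    end = rec.get("EndDate")
    # Assumption: access ends the day after the final work date.
    if end and date.fromisoformat(end) < today:
        return "end-date-passed"
    return None

def plan_leaver(rec, today, manager_request=False):
    """Build the lifecycle workflow steps as (action, target, due_date) tuples."""
    if leaver_trigger(rec, today, manager_request) is None:
        return []
    steps = []
    for app in rec.get("accounts", []):
        if app in CONNECTED:
            steps.append(("suspend", app, today))
            steps.append(("delete", app, today + timedelta(days=DELETE_AFTER_DAYS)))
        else:                                  # no connector: hand off to a human
            steps.append(("ticket", app, today))
    for asset in rec.get("assets", []):        # physical assets always need a ticket
        steps.append(("ticket", f"retrieve {asset}", today))
    steps.append(("archive-home-folder", rec["id"], today))
    return sorted(steps, key=lambda s: s[2])   # stable sort: steps due today first

# Constructed HR feed rows, not real data.
FEED = [
    {"id": "e1001", "Active": "true", "EndDate": "2024-05-31",
     "accounts": ["directory", "legacy-erp"], "assets": ["laptop"]},
    {"id": "e1002", "Active": "true", "EndDate": "2024-12-31",
     "accounts": ["directory"], "assets": []},
    {"id": "e1003", "Active": "False", "EndDate": "",
     "accounts": ["email"], "assets": ["phone"]},
]

if __name__ == "__main__":
    for row in FEED:
        for step in plan_leaver(row, date(2024, 6, 3)):
            print(row["id"], *step)
```
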

MOVERS

Movers can present a number of headaches for a business. It could be a simple Department move or a Location change for example. More often than not it gets more complex than that.

Department Move Example
The mover may be moving from the IT Department to the Finance Department. The departmental Managers may agree that there needs to be some overlap period involved, maybe a month or two, whereby the Mover has access to the applications and permissions from their old job in IT as well as the applications for the new job in Finance.

Clearly there is Risk involved here.

The IAM system needs to be aware of the overlap period and provision the new Finance access for the Mover. After the agreed overlap period expires, de-provisioning of the user's original IT access must be carried out. This should also be followed up with an Automated Access Review sent to both Managers of the Mover to have them sign off on the eventual new set of access.

There are numerous permutations for mover processes, and flexibility is needed within your Lifecycle Mover Workflows to accommodate this.

We can help you achieve this.
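The department move with an overlap period can be worked through as follows, including a check for old access that was never removed. This is an added example, not code from Identity Centric or Tines; the entitlement names, manager names, dates and the 30-day overlap are constructed assumptions.

```python
from datetime import date, timedelta

def expected_access(day, old, new, move_date, overlap_days):
    """Entitlements a mover should hold on `day`."""
    old, new = set(old), set(new)
    if day < move_date:
        return old
    if day < move_date + timedelta(days=overlap_days):
        return old | new                  # overlap: both jobs, highest risk
    return new                            # shared entitlements survive via `new`

def plan_mover(old, new, move_date, overlap_days, managers):
    """Dated workflow steps as (action, target, due_date) tuples."""
    old, new = set(old), set(new)
    expiry = move_date + timedelta(days=overlap_days)
    steps = [("provision", e, move_date) for e in sorted(new - old)]
    # Only old-only access is removed; anything the new job also needs stays.
    steps += [("deprovision", e, expiry) for e in sorted(old - new)]
    steps += [("access-review", m, expiry) for m in managers]
    return steps

def leftover_access(actual, day, old, new, move_date, overlap_days):
    """Entitlements still held that the mover should no longer have."""
    return sorted(set(actual) - expected_access(day, old, new, move_date, overlap_days))

# Constructed example: IT to Finance with a 30-day overlap.
IT = ["vpn", "email", "server-admin", "ticket-queue-admin"]
FINANCE = ["vpn", "email", "ledger-read", "invoice-approve"]
MOVE = date(2024, 3, 1)

if __name__ == "__main__":
    for step in plan_mover(IT, FINANCE, MOVE, 30, ["it-manager", "finance-manager"]):
        print(*step)
    # A de-provisioning step that silently failed shows up here.
    held = FINANCE + ["server-admin"]
    print(leftover_access(held, date(2024, 4, 15), IT, FINANCE, MOVE, 30))
```
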

JOINERS

In the same way as Leavers, Joiners are generally detected by receiving information from a Human Resources feed.
This can be in the form of a simple joiner flag saying Active=True or can be a Start Date field with the person's hire/start date populated. New Hires can also be initiated ad hoc by a Manager via a form in cases where an instant start and immediate access are required, e.g. a Contractor.

As a result of a trigger like one of the above, a lifecycle event is kicked off: a workflow that creates the correct application accounts and grants the correct access as required via the connected applications, and raises tickets or emails where direct connectivity is not present, e.g. physical assets, non-connected applications.

Additional Tasks
As well as provisioning application accounts for a joiner there are often other tasks to perform. Some of these may include, but are not limited to:

- Email notifications to interested parties.
e.g. Manager, Training Department and more.

- Notify relevant departments about physical assets that may need to be purchased.
e.g. Car, Laptop, Phone, Desk, Chair etc.

- It's also always very polite to ensure a Welcome Email is present in the joiner's Inbox too.

CERTS

Certifications, Access Reviews, everyone seems to have a different name for these. In essence though "Certs" are used to facilitate management, application and role owners certifying people's access. i.e. Certifying that who has access to what is correct.

Certifications are usually driven by governance functions external to a company and where the company is obliged to comply with certain industry standards.

The problem with these Certs / Access reviews is that they are large and cumbersome. It is not unusual for a line manager to have to certify tens of accounts along with thousands of permissions for their staff.

Identity and Access Management tools can clearly help in this area, but bear in mind that it's not all about the tool. Identity Centric can help build good practices around certifications in terms of employee awareness and a good Communication Campaign to go along with each certification cycle.

Take-up of certs / access reviews can be quite poor at first, sometimes with less than 30% of the review completed within the set time frame. After employee education and good communication campaigns to run alongside, 30% can turn into 80%+.