Incepta Solutions is proud to be a sponsor and speaker at the CIS (Cybersecurity & Identity) Summit 2021 hosted by IN-SEC-M!
The Cybersecurity & Identity Summit (CIS) is an essential event for the Technology industry, providing leading-edge insight on cyber risk prevention and digital identity management. CIS is a forum designed to encourage business leaders and government policymakers to share ideas and concerns about cybersecurity, digital identity, and data protection with industry experts.
We connect people, technology, and opportunity.
The virtual event takes place on April 26 – April 30, 2021. Our lead #InceptaInnovators will also be spearheading a 20-minute thought leadership fireside chat on cybersecurity, identity, and how Incepta Solutions have played a key role in the cybersecurity strategy of businesses with a global presence.
Presentation Topic: Best practices to implement Identity and Access Management for corporate IT projects
Date and time: Thursday, April 29, 2021 | 11:00 AM – 11:20 AM (Eastern Daylight Time)
In a world where digital transformation is accelerating among corporations, identity and access management have increasingly become an integral part of all transformation initiatives. Without having a proper strategy to integrate identity and access management in projects, corporations face the risk of exposing private and sensitive data to unintended audiences.
Attend this session to learn about industry-leading best practices to successfully implement identity and access management for your next IT project.
Hello everyone! Welcome to our live fireside chat, “Best practices to implement Identity and Access Management for corporate IT projects.”
I’m Rick Bolt, Director of Sales at Incepta Solutions. And how this session will run is that I’ll be interviewing our Managing Partner, Ishtiaq Ahmed, on this important topic within the corporate security domain.
Although I’ve worked with our clients in numerous projects involving identity and access management, we will keep it more of an engaging Q&A style for our audience.
We see that the session attendees are coming from a variety of backgrounds so let’s start with the foundations.
Q1: My first question is, would you be able to share with us what exactly is identity and access management (IAM)?
Identity and Access Management is about defining unique ID, roles and privileges of network entities in an enterprise when it comes to accessing corporate applications and data.
An entity can be a user such as employee, customer, partner, vendor or it can be a device such as cell phone, work station or another application.
The goal of identity and access management is to have a unique digital identity per entity and have it managed during the lifetime of the entity in the corporation.
Q2: Great, thanks for setting the stage for our audience! Now, what is the importance of having an identity and access management component in corporate IT projects?
As we all may know at this point, data breach is one of the major risks that corporations face every single day. Improper use of identity and access management may result in a data breach or cyber fraud that typically costs north of 4 million dollars per incident for a large corporation.
This is why it is critical to have an identity and access management component in every corporate IT project that deals with sensitive corporate data.
It can be financial data, employee data or customer data.
It is critical that the project gives proper attention to ensure data is exposed to the right entity, whether it is a person or another internal or partner system. If we reflect on our current situation, COVID-19 has emphasized that it’s even more important to have an identity and access management planning for corporate projects.
Here’s some quick stats. According to a recent report by Gartner and Forrester, 70% of CIOs have mentioned that strengthening identity and access management is one of the key areas they will be spending budget over the next 12 months. So to tie it all together, it would be wise to have a proper identity and access management strategy for every project that will be rolled out in a corporation.
Q3: Definitely seeing the importance for having a concrete identity and access management strategy. What should corporations do from an identity and access management standpoint when implementing a project that involves access to their internal systems and data?
Let’s dive deeper into this, Rick.
On average, large corporations use more than 1,100 systems to run their business. You can imagine how critical it is to have a planned approach in managing identity and access and have them become a key part in every relevant project.
I have put together a slide here to show a maturity model that can be adopted by businesses.
This is an incremental approach that starts with the persistence layer.
The layer that will act as the master source of truth for all identity and access related data. User profile, password, user roles, policies etc are some examples of identity and access data. On top of that – businesses should unify the platform as much as possible – consolidation, less diversification would be the guiding principle here. Companies can adopt an all cloud approach or a hybrid approach.
Above this layer is the product layer. Often companies are using commercial off the shelf product to do their identity and access management needs. Big players like Oracle, IBM and Broadcom has products in this area – just to name a few.
On top of this layer is the API layer. This is very critical to expose all identity and access management related capabilities as reusable building blocks. This will allow corporations to have the agility to integrate identity and access management faster in the project.
We also recommend to use an API Manager and an integration platform on top to externalize security and performance measure around identity and access management APIs. We use products like MuleSoft and Azure Logic Apps to provide this functionality.
Q4. It sounds like there’s a number of layers involved. What’s the level of difficulty to making sure identity and access management is addressed in every project?
Yup, that’s a good question. What we often see that corporations keep the identity and access management as an afterthought.
They realize late in the game that this particular piece of the puzzle was not addressed from the get-go.
As a result, we see that original timeline and budget become impacted. The right design is not in place and the project team rushes to do something quick at the last minute.
We also see that corporations often get overwhelmed at the extent of the investment they need to make to have a mature identity and access management platform.
At Incepta Solutions, we have a comprehensive project delivery process that addresses all these issues in a methodical approach.
We work closely with the IT and business sponsor to define a most optimized solution to not only deliver the immediate need but to also ensure that they are making the right step towards their target state platform.
Q5: Now, we saved the best for last. I’m sure our audience is also curious to know: Can you share a success story on implementing identity and access management?
We have done many projects where we had to take care of identity and access management piece. We not only deliver the solution that has identity and access management embedded, we also advise customer.
As a solution provider, our goal is to become an innovation partner with our clients. We work together to define a roadmap of their identity and access management journey.
We help them distribute the cost of having a mature identity and access management platform over capital budgets.
For one of our customers who is a global beverage company, we walked together to build their identity and access management maturity model.
Right now, we are in a situation where all of their identity and access management capabilities are exposed as nimble APIs.
Every project we do with them, we can easily take care of the identity and access management with little effort and cost to the project.
About Incepta Solutions
At Incepta Solutions, our team of #InceptaInnovators is passionate about developing the bridge between people and operations, as we create stories that we can all be proud of.
Since our inception in 2010, we are recognized as trusted experts in providing digital services to global businesses. We are proud to be named one of the top 5 Information Technology companies in Canada on the Growth List 2020 (published by Canadian Business and MacLeans). In addition, we are humbled to be recently certified as a Great Place to Work.
Our full suite of digital services includes:
Cybersecurity | Integration | Digital Transformation
Data Management | Cloud Strategy | Customer 360
At Incepta Solutions, we provide business solutions that solve challenges and enable future growth and success for all of our clients. We leverage industry-leading technologies to provide innovative solutions that are robust, of premier quality, and cost-effective.
In our growth journey, our goal is to become a global leader in digital transformation and enterprise solutions. We enable businesses all over the world to solve complex and critical integration challenges. As #InceptaInnovators, we hope to look back at these times on how we have helped global brands and enterprises achieve success. Our driving force is that one day, we are able to reflect on our shared journey and be proud of the stories we have created together.
Incepta Solutions | Powered by innovation, driven by results