Some Leading Practices in Identity and Access Management

Leading practices in identity and access managementBy Scott Smith
Security Practice Lead

Whether talking to people at large companies or small companies, when we bring up the topic of Identity and Access Management (IAM) we often hear a lot of the same comments…

  • “I am concerned that we have employees who have been here 10 years, and have access to everything, but I don’t know how to control that risk.”
  • “Of course we have password policies…but I’m not sure they’re being enforced.”
  • “I recently discovered an account for someone who left the company 14 months ago.”
  • “Half the people in our IT department have global permissions—they can access anything.”

Read more: Some Leading Practices in Identity and Access Management

An Introduction to Identity and Access Management

Intro to IAMBy Scott Smith
Security Practice Lead

Four years ago Target suffered a data breach that caught the attention of consumers and executives everywhere. By starting with a stolen dormant login from an HVAC contractor who was no longer working with Target, attackers were able to gain root access directly into Target’s data center. Once in, they found a web application vulnerability and managed to use this to steal the PII (personally identifiable information) for over 70,000 people, and seize the data for over 40 million credit and debit cards from a Point of Sale system that was not directly connected to the internet.

Read more: An Introduction to Identity and Access Management

Are You Getting the Return on Your IT Investment that You Should?

IT Effectiveness AssessmentBy Jeff Richards
Managing Partner

Your company is growing. You know your organization needs to move fast, but in focusing on the business you may have underinvested in IT. Now IT has become such a constraint that you’re not sure your systems can keep up with the growth. On top of that, you’re concerned that IT and the lines of business may not even be on the same page.

Or perhaps the CIO thinks that IT is doing fine, but the rest of the management team doesn’t understand what they’re getting for their IT investment. There’s even a concern that IT is too expensive. To make matters worse, you’re in a situation where the CEO can’t “speak IT,” and the CIO can’t “speak business”...and a complete disconnect has ensued.

To get on track you need to quickly get your bearings and determine if you’re doing the right things, in the right order, and doing them well. An excellent way to do so is through an IT Effectiveness Assessment.

Read more: Are You Getting the Return on Your IT Investment that You Should?

CIO Professional Services LLC is a top-rated IT consulting firm, based in the San Francisco Bay Area, specializing in strategic IT consulting and business / IT alignment. Companies come to us seeking assistance with their information technology strategy as well as to source interim CIO / CTO employees or fractional CIO / CTO's. Our IT experts can assist with integrating IT into your business processes - better - up to and including 'project rescue' in areas such as ITSM / ITIL, IT service strategy, and IT outsourcing. Business / IT strategy projects we have worked on include upgrading ERP systems, cybersecurity and IT consulting, IT assessment and organizational change. Cloud computing and business IT remain critical in today's business systems, and beyond that to the migration to the cloud of business IT. Our IT consultants can assist with all aspects of business / information technology alignment. Contact us today for a free phone consultation - we service clients not only in San Francisco or San Jose, but throughout the United States.

Copyright 2022. CIO Professional Services, LLC. All Rights Reserved. View our Privacy Policy.