
The Workforce IAM
Actionable Advisory Assessment
The many facets of Workforce Identity & Access Management (IAM) is one of the most complicated organizational set of activities to take on. The ubiquitous nature of IAM stretches to all entity types, whether they be human accounts (employees, contractors, consultants, customers, patients, students, etc.) or non-human accounts (systems, services, applications, bots, etc.). Creating, managing, and mitigating the authentication and authorization privileges of these accounts across the enterprise data center and cloud has seen the risk of failure hit an all-time high. To mitigate this risk, a clear, concise, achievable plan and process must be in place. This is where CyberZen excels.
Our Workforce IAM Actionable Advisory Assessment (AAA) will allow your organization to discover and define what needs to be in-place, assist in building a reference architecture, and provide a roadmap for you that can be practicably executed. It is a blueprint that focuses on a practical, structured, and coherent approach to the management of users’ identities and their access to systems and data. Our roadmap will ensure the right entities get access to the right resources at the right times for the right reasons.
In order to provide this level of assurance we cover the following “core” components as part of the Workforce IAM Assessment:
Identity Governance & Administration (IGA)
-
Identity Lifecycle Management
-
Role Lifecycle Management
-
Identity Systems of Record vs. Sources of Truth
-
Identity Correlation & Deduplication
-
Automated Entity Provisioning
-
Role-Based User Provisioning
-
Segregation of Duties (SoD)
-
Attestation & Certification
Access Management (Authentication)
-
Risk-Based Multifactor Authentication (MFA)
-
Privileged Access Management Authentication
-
Identity Assurance Levels (Proofing/Vetting)
-
Password/Password-less Management
-
Bio-Metric Driven Authentication
-
Policy Enforcement across Single Sign-On (SSO)
-
Open Standards Utilization (SAML , OAuth)
-
UNIX/Linux to AD Bridging
-
Federation of Identities & Services
-
User-Centric Identity (e.g. OpenID)
-
Bring Your Own Identity (BYOI)
-
Bring Your Own Authentication (BYOA)
-
Mobile Device Management
Identity Governance & Administration (IGA)
-
Centralization of Identity Audit & Logging
-
Continuous Monitoring of:
-
-
Identities
-
Access Privileges
-
Assets
-
Activities
-
-
Preventive & Detective actions based on:
-
Identity Analytics
-
Identity Metrics
-
Access Management (Authentication)
-
Least Privilege Enforcement
-
Access Control Models including:
-
Role Based Access Control (RBAC)
-
Policy Based Access Control (PBAC)
-
Attribute Based Access Control (ABAC)
-
-
Automated Authorization Management
-
Privileged Access Management Authorization
-
Zero Trust Modeling
-
API Security & Management
-
Data Access Governance (DAG)
-
Data Privacy
-
Data Loss Prevention (DLP)
A Deep Dive Into Our IAM Assessment Process:
An CyberZen Workforce IAM Assessment will…
ASSESS & VALIDATE THE CURRENT POSTURE OF YOUR WORKFORCE IAM
CyberZen assesses and validates the current state of your organization’s Workforce IAM environment(s) by identifying, summarizing, and prioritizing the unique needs and challenges you face. This is achieved by interviewing key stakeholders, business and application owners, and information security personnel to ascertain your current customer requirements and the consumer facing resources (both human and technology) you have available to address these known requirements. We will then identify any additional requirements and validate your organization’s current state IAM architecture from a holistic point of view, taking into account the customer, consumers, staff, processes, and technologies that shape your environment. This will allow us to determine whether your organization’s requirements can be attained through improvements in processes, better utilization of existing technology, or if the acquisition of new products will be necessary to achieve your ideal future state.
ANALYZE YOUR REQUIREMENTS & RESOURCES
CyberZen will evaluate and classify the identified Workforce IAM challenges, requirements, and resources gathered during the assessment of your current state IAM environment to develop an initial action plan for your organization that is both efficient and cost-effective.
DEVELOP YOUR FUTURE STATE AS AN ARCHITECTURAL BLUEPRINT & BUILD THE ROADMAP TO EXECUTE IT
CyberZen will develop a detailed blueprint and roadmap that will enable your organization to achieve its ideal future state. This long-term, comprehensive roadmap takes a phased approach, focusing on incremental achievements to address your organization’s IAM and information security services needs and vision. The corresponding blueprint is comprised of the implementation of core IAM processes, procedures, and/or technologies. Both of these components will allow your organization to build an exceptional Enterprise IAM services framework that ensures the effective and secure performance of security services in the future.
Three Phases With One Goal In Mind
The Workforce IAM Actionable Advisory Assessment is a zero-trust driven, three-phased approach to building a tangible, viable plan that answers all of your questions, like: What Can I Do? What Should I Do? How Am I Going to Get There? What will This Cost? and How Will I Maintain It?
Workforce IAM Roadmap Build-Out & Operations Model
Build:
An Actionable Program-Driven Roadmap (using budgetary, resource, & timeline constraints)
Actionable Implementation Project Plans consisting of:
-
Constraints & Dependencies
-
Preparatory Steps
-
Work Breakdown Structures (WBS)
-
Deliverables & Outputs Required
-
Resourcing Requirements
-
Costing & Budget Requirements
Run:
Enterprise IAM Vendor Recommendations to fulfill your organization’s IAM Roadmap requirements (when current technology won’t cut it)
Post-Production Operational Staffing Models to assure your team can care and feed for your IAM implementations
Optional Managed Service offerings to allow for you Project Teams to stay focused on Projects and your Operations Team to stay focused on their core management initiatives