In the workforce, identity isn’t really who you are. It’s not your name, age, shoe size, etc. Your identity is your place and role within the company. Think of what your job title is and add all the other things you do. That’s your Identity (which we will now be capitalizing to distinguish it from your identity (name, age, shoe size, etc.)). It sounds simplistic, but knowing your Identity is extremely important for your cybersecurity team. Why? Because knowing your Identity allows you to be given the proper access to your company’s data and networks. Identity and Access Management (IAM), then, is accurately and precisely defining your role in the company (Identity) and making sure you can only use the tools and data you need (Access) to do your job.
Identity and Access Management Issues
And still you are probably thinking this sounds like something basic and easy to do – but it’s not. Almost everyone can agree that the job description they were hired for isn’t exactly the job they ended up doing. It takes time to settle into a workplace and really get a feel for your true role in the company. In fact, in the 2018 edition of the Cyber Defense Magazine, Ketan Kapadia, VP of IAM at Herjavec Group, says it can take 6-8 weeks to complete a solid Identity Access Management assessment of an employee. That is a huge time to be in cybersecurity flux.
But a company can’t sit around on its elbows waiting to figure out an employee’s Identity and then grant access to network resources, files, etc. Access needs to be given (in some form or another) as soon as the employee starts. So, what happens? Access to resources is granted based on a guess of what the employee needs, the bare minimum based on the job description, or (horror of horrors) everything (just to make the sysadmins’ job easy). Many times, this last possibility wins out due to time constraints (because time = money, you know). None of these situations is good for cybersecurity, your workforce, or your company.
Fognigma with the Identity Access Management Assist
Fognigma builds its Mission Partner Networks (MPNs) out of randomly leased parts on multiple public clouds. MPNs are a collection of parts, but they function as a whole. They are invisible to the outside world of evildoers and protected with two layers of AES-256 encryption between all the parts. And inside the MPN with its stealthy ephemeral style, reside components for secure communication, your files and data, and the see-through playground in which your users work. [For a more detailed explanation of Fognigma, click here.]
Now you know the patented Fognigma engine lets you create a powerhouse of cybersecurity for your company. But that’s not why we brought you here. We want to showcase how Fognigma can make IAM easier to implement, and it does it with three words: granular user controls.
Granular user controls let the MPN’s administrator set precise permissions for each user. It’s still up to you and your company to determine your users Identities, but Fognigma makes adding users and granting/changing/removing Access as simple as a few mouse clicks. No more guessing all the permissions someone needs. No more just giving in and granting everything (while putting your entire organization at risk) because the Access management part doesn’t take a chunk of time anymore.
Because one aspect of cybersecurity that is quite important is speed. The faster you can deal with situations, the better. And the faster your team can manage an employee’s Access, the less chance of “no time” being an excuse for sloppy IAM practices. Fognigma give you the IAM speed you need and the controls to make sure your Identities have exactly the Access they require.