In most organizations, Privilege Management (Privileged Access Management, Privileged Identity Management, etc.) is still considered being a distinct technical discipline within IAM. On the other hand, we observe more and more organizations thinking about how to connect Privilege Management with Access Governance. There are good reasons to do so: Every privileged account must have an accountable manager. And if that manager changes his job, ownership must change as part of the "mover" process. There is the need for recertification of privileged accounts and their ownership. Privileged accounts also should be well-managed during application onboarding.
Unfortunately, it is not that easy to marry Privilege Management and Access Governance. This session will look at the use cases and processes, but also the state of technical integration.
It is critically important to know how cyber criminals target their victims, what you can do to reduce the risk and make it more challenging for the attackers who steal your information, your identity or your money. It explains how outside attackers or malicious insiders can exploit vulnerabilities using examples such as a compromised email account password that escalates into a full-blown breach of network security.
Compromising a privileged account, therefore, can be the difference between a simple network breach and a cyber catastrophe. When a single system is compromised, it is typically easier to mitigate, isolate, and eradicate the risk and restore control. When a privileged account is breached, it can lead to a major disaster. That’s because when a privileged account gets hacked, it allows the attacker to impersonate a trusted employee or system and carry out malicious activity without being detected as an intruder. Once attackers compromise a privileged account, they can typically roam at will through an IT environment to steal information and wreak havoc. By describing the anatomy of a privileged account hack, we will show how cybercriminals target their victims, what you can do to reduce your risk and prevent abuse of your critical information assets.
Key Takeaways:
In enterprise IAM, the classical boundaries between different types of users are blurring. IAM teams that have been dealing with office employees and subcontractors for years are realizing that factory personnel, partner companies or consumers need access to on-premises and cloud-based resources. What is the right approach to manage these different user populations? How can we get from silo approaches to structured enterprise IAM? How can scalability and governance be achieved? After a short introduction to the challenges, the panel discussion will lay out the potentials and limits of a comprehensive corporate identity platform. The panelists will argue how a transition to this platform can be achieved in the best way. They will dispute the major governance requirements and the most important IAM features required to achieve scalability.
Key Takeaways:
