…Who Owns Identity and Access Management (IAM)?

Mobility and cybersecurity. While those two areas may have very different roles inside an IT organization and business, they both play integral parts in identity and access management. Given that, I’m always getting asked, “Who owns IAM?” Today, IAM is touched by multiple IT roles, such as app developers, IT operations, and security. CISOs are getting involved as well, at least in oversight roles. That’s because where there are identity and access, or identity repositories, you also have security risks, and need common oversight and common policy. What’s more, it’s important for all of these IT groups to be able to communicate about these policies amongst themselves in order to help keep the company safe and protect against potential threats. In this video, my colleague Jon Oltsik and I sit down to talk more about who owns IAM, and how IT professionals are leaning in to protect the company. To read the complete article, CLICK...

Read More

Identity Management To-Do List Aligns…

My colleague Mark Bowker just completed some comprehensive research on identity and access management (IAM) challenges, plans, and strategies at enterprise organizations. As a cybersecurity professional, I welcome this data. Identity management should be a major component of an enterprise risk management strategy, yet IAM technology decisions are often treated tactically or left to application developers or IT operations staff who don’t always prioritize security in their planning. The ESG data suggest a change in the IAM weather – large organizations seem to be prioritizing security as part of their IAM strategies. ESG asked 273 to identify the initiatives that will be part of their IAM strategies over the next 24 months. The data reveals: To read the complete article, CLICK...

Read More