/dqc/media/agency_attachments/3bO5lX4bneNNijz3HbB7.jpg)
Follow Us/dqc/media/post_banners/wp-content/uploads/2020/11/remove-fingerprints.png)
CMS IT Services, a digital transformation partner of enterprises globally, has released a new framework for Identity and Access Management (IAM) - the number one problem plaguing CISOs in the remote-working digital economy.
“With a staggering 4000 cyber-attacks carried out daily, cybercrime surged by 800 per cent during the pandemic. Social engineering is a prime threat, with hackers employing AI-assisted tools to steal user identities and perpetrate supply chain attacks and enterprise-wide fraud. Our 5A framework helps businesses stay ahead of disruption by heightening identity governance for all entities in the system - be it in-house employees, partners, or third-party integrations - while also preserving the user experience”, explains Anuj Vaid, Executive Director, CMS IT Services.
In modern enterprises, a hybrid IT architecture - along with a complex web of distributed users, devices and applications - amplifies the access points to data and system vulnerabilities. With the volume, velocity and variety of operational data generated every minute, it’s impossible to scale a piece-meal approach to control who has access to what, where and how.
/dqc/media/post_attachments/wp-content/uploads/2021/08/cms-IT1.jpg "cms IT")
A1 Assurance - Enterprise security should have assurance based on Zero Trust (ZTX) principles, ensuring that the intended features, functionality, practices, procedures, and architecture of the Identity and Access Management (IAM) solution are correct, resilient and always functional.
A2 Authentication - Enterprises today operate through networks that involve users and devices accessing data in the information ecosystem and linking up with different elements in the network to use that data. The complexity of such operations mandates solid authentication systems to allow access for various processes and services, with robust SSO mechanisms and cutting-edge protocols (such as SAML, OIDC, RADIUS and LDAP).
A3 Administration - It is not enough to merely authenticate users. An Identity and Access Management (IAM) system must integrate that with ensuring the physical security of clients’ managed sites, thereby preventing damage to assets, nullifying data exfiltration and preventing the interruption of IT services.
A4 Automation - Many processes in managing identity and access involve tasks that are repetitive, which can be automated. This can be achieved with a native Identity and Access Management (IAM) system.
A5 Analytics - The above functions are best enabled and aided with the intelligence of analytics that process an immense amount and range of data on user and endpoint behaviour, network analytics, business applications, identity and access, external anomaly and internal fraud detection, and policy compliance.
The 5A framework utilises the principles of Ikigai to ensure that all the layers and dimensions of functions that are fulfilled in an enterprise by different people, at different places come together in a reliable and secure way. This holistic approach is the foundation of a comprehensive suite of scalable security solutions that span the whole expanse of areas and entities in a contemporary business.
“The best part is that the 5As of IAM approach doesn’t require you to re-engineer your cybersecurity strategy. Instead, it helps you maximize the power of your existing security investments and fortify your enterprise-wide defenses without having to make new capex investments”, added SudhansuNayak, HeadCybersecurity, CMS IT Services.