Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Evolving your identity management program: Six cautionary considerations

Compliance Week | March 1, 2016

For compliance professionals in regulated industries, there’s perhaps no greater challenge than identity management. Call it a program, a best practice, or simply a daily struggle to account for all users and all the systems to which they have access—identity management is a beast that is tough to tame. It can be 99 percent effective, but that nagging, non-compliant one percent can leave a reputational dent if discovered by an audit, or worse, provide the gateway for an insider to wreak havoc, either accidentally or intentionally. There are many applications on the market that make tantalizing claims about solving the identity problems once and for all, but companies should adopt these tools with their eyes open and their expectations in check.

While accounting for a handful of people on a limited number of systems is not terribly daunting, the challenge grows exponentially when the user base is rapidly changing, widely distributed, and drawn from multiple onboarding sources...

Buy this article for $49, or subscribe to Compliance Week for a month at $149 and get unlimited article access for 30 days.