Identity and Access Management
In our previous article, we emphasized how the knowledge of the source of threat is important before we decide any further. Knowing that the first threat can come from internal people with access to company systems, management of their identity and access to systems is essential and forms the foundation for Information Security Concepts at Level 2.
Identity and Access Management systems assist us in managing a central repository of role based users to expose applications or sensitive documents. This arrangement also assists in providing approval based access or denial of services, and further, upon the exit of employees, a single deactivation can ensure denial to all systems exposed to the individual. Simply, it saves time and money, as you already understand by now, that without this system you will be depending on your sheer luck or running around multiple system admin consoles to deactivate users or provide them selective access.
Two factor authentication systems also fall under this category as many service providers provide this under their umbrella of Identity and Access Management. We have come across such a solution which is both easy to implement and pocket friendly, OpenIAM.