KuppingerCole Report
Advisory Note
By Matthias Reinwarth

Aligning Access Governance and Privilege Management

Well-designed IAM/IAG-architectures establish real-time visibility of all accounts of a person, thereby closing a formerly intrinsic security gap. Bridging between established governance silos within organizations enables full enforcement of Segregation of Duties rules for both business and privileged access. Thus, it substantially improves an organization's security posture.

1 Summary

Traditionally, the management of identities and their access to IT systems within an organization have been split up within different disciplines. Bus ...

Login Free 30-day Select Access Get full Access

2 The KuppingerCole IAM/IAG Reference Architecture

The KuppingerCole IAM/IAG Reference Architecture provides a comprehensive and evolving foundation for deriving and implementing standardized, yet adeq ...

The building blocks are categorized as

  • indispensable (Core IAM),
  • complementary (Extended IAM) and
  • peripheral (Adjacent Areas of IT),

w ...

Login Free 30-day Select Access Get full Access

3 Blueprint for a Privilege Management / Access Governance Integration Architecture

Managing and governing access to systems and resources is a key task for any IT organization. Issues arise when highly privileged business users need ...

The building blocks highlighted as yellow constitute essential parts of an integrated Privilege Management and Access Governance approach, while other ...

This information can then be leveraged within the Access Governance functions of the IAM solution:

  • During the course of an Access Review all autho ...

The main benefits include:

  • Having unified audit and logging capabilities and processes provides a higher level of transparency into the overall Ac ...
Login Free 30-day Select Access Get full Access

4 Recommendations

The integration of Access Governance and Privilege Management at the IAM architectural level enables the definition and deployment of a wide range of ...

Login Free 30-day Select Access Get full Access

Copyright

©2019 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.

top