On average how long does it take for a new hire to be FULLY provisioned to all applications and systems they need to do their job?
What percentage of your identity lifecycle management tasks (joiner, mover, leaver) require IT intervention?
How many different passwords does your typical user have to access enterprise resources (not personal resources)
Approximately what percentage of your total IAM workload involves Active Directory and/or Azure Active Directory?
How confident are you that all your privileged accounts (including service accounts and 3rd party access) and administrator activities are controlled, monitored, recorded and secured, with individual accountability?
How equipped do you feel your identity and access management program is to deal with change (such as M&A, digital transformation, new applications or user populations, new regulations, Shadow IT, etc.)?
IAM is many different things and what matters to one organization may not be as important to another. This score is meant to quantify your position for the most common IAM challenges.
You are just beginning on your IAM journey and almost any action you take will dramatically improve your security, agility, and operational efficiency. We recommend you start with your hybrid Active Directory environment and then reassess. For help starting your IAM journey, download and read the eBook: Security Starts Here: Identity
You are doing well in some areas of IAM, but have several other areas that you could improve. We recommend you focus on the lowest scoring category from the detailed findings.
Your IAM program is performing well. However there are definitely areas for continued improvement. We recommend you focus on the lowest scoring category from the detailed findings.
Identity lifecycle management (often called provisioning or joiner/mover/leaver) is the lynchpin to any successful IAM program. Generally all organizations struggle with identity lifecycle management to some extent, with complexity and change being the biggest culprits.
Your identity lifecycle management processes are inefficient, and may rely on manual processes. By automating these troublesome workloads, you can dramatically improve operations, security, and move on to important IAM objectives such as governance and digital transformation. For advice on where to start and where you can achieve the highest rate of return, download and read this ebook Security Starts Here: Identity Governance and Administration
You have many of the troublesome identity lifecycle management workloads automated but there is still room for improvement. For help identifying potential next steps and additional areas for improvement, download and read this ebook:
Strategies to Ensure the Success of Your Identity Governance Project
Your identity lifecycle management program is running smoothly and delivering significant value. However, there’s always room for improvement. We recommend expanding your existing success to additional systems and additional IAM workloads – such as privileged access management. For some more specific ideas, download and read this ebookThe 10 Universal Truths of Identity and Access Management
Account management includes the IAM workloads that are most apparent to the end user. It includes password management, single sign-on, and unified access to heterogeneous resources. Most organizations have achieved maturity in pockets of access management while additional areas may remain problematic.
Your users spend too much time logging on, and your IT department spends too much time helping users retain access. Simple solutions such as automated AD account lifecycle management and self-service password reset can dramatically improve your ability to address these challenges. For some ideas of where to start and the impact IAM technologies can have, download and read this ebook Security Starts Here: AD Account Lifecycle Management
You do a pretty good job of granting users the access they need. There are specific areas where you may be able to realize significant improvements. Typically the biggest improvements can happen with automation of Active Directory account lifecycle management workloads. For more information download and read this ebook The Top 5 ways to relieve the Pain of Managing Hybrid AD
Your account management program is good. While you have the opportunity for continued improvement your biggest opportunities arise when you expand your successful program into additional areas. For some ideas on how your success in access management can affect other areas of IAM, download and read this ebook The Breach Prevention Playbook
Privileged access management encompasses the practices and technologies you put in place to ensure that administrative accounts (such as root or Admin) are controlled, audited, secured, and that you can assign individual accountability to administrator activities while detecting inappropriate activities. This is the fastest growing IAM discipline and is central to security and compliance initiatives.
Your administrators generally operate without oversight and when an incident occurs it would be difficult for you to trace its origin and remediate the situation. You are at risk of a breach or audit finding. Simple privileged access management (PAM) practices can dramatically improve your position in this important IAM discipline. For help determining where to start, download and read this ebook Security Starts Here: Privileged Access Management
You have many privileged accounts secured but there is still room for improvement. Most often adding session audit or privileged account analytics to an existing PAM program will deliver major improvements. To learn more, download and read this ebook:
Strategies for Successfully Managing Privileged Accounts
You have a rich and successful PAM program. The next step may be to include your PAM program in your enterprise governance strategy. To learn more, download and read this ebook Security Starts Here: Identity Governance and Administration
The ability to adapt to change is often the Achilles Heel of IAM programs. Mergers and acquisitions, digital transformation in the form of an influx of new cloud-based computing resources, and an increasingly mobile workforce all can stretch an otherwise successful IAM program to its breaking point.
change may cause challenges for your IAM program. It often results in the need to acquire new IAM technologies (while maintaining legacy solutions), expanding silos of IAM operations, and disruption of the established workloads. To learn how to implement IAM in a way that can embrace and facilitate your desired evolution download and read this ebook Security Starts Here: Identity
your IAM program is generally able to handle change. However, there are still instances where change delays desired outcomes, introduces inefficiencies, or requires new silos of IAM. These can all be overcome with a holistic and future-ready approach to IAM. To learn how, read this ebook Security Starts Here: Identity
Your IAM program is well equipped to handle change, including digital transformation. We encourage you to remember that IAM is not a static destination but rather a constantly evolving journey. Without constant vigilance, the program that is successful today may be inadequate tomorrow. To stay on top of the inevitable changes and ensure that your IAM program keeps pace, we recommend you download and read the ebook:
The 10 Universal truths of Identity and Access Management