Identity & Access Management

Having worked for over 15 years on Identity and Access Management (IAM) projects, I have noticed that many of these projects only partially met user expectations, that they had many flaws, and that they did not respect the budget and/or the deadline desired by the business teams. Even worse, many security flaws can be traced back to the technical implementation of these infrastructures or to the implementation, or even the design, of business processes.

The post-mortem analysis of some of them allowed me to identify the origins of this lack of quality and to propose a methodology in order to carry out such projects. The broad outlines of this methodology can be adapted to other types of IT projects, only the details of this methodology will be applied to Identity and Access Management (IAM) projects.

In addition, the following topics are also covered:

• Business Analysis: How to conduct a successful business analyis of the processes in the context of IAM.
• Architecture and Technical Implementation: Mostly based on SailPoint's IdentityIQ
• Dataset: clean data sets are essential for success. How to check it?
• Identities, Accounts, and Entitlements
• Business Modeling
• Compliance
• Provisioning and Workflows
• Auditing
• Security and the Environment
• The Power of AI: Artificial Intelligence (AI) may be useful to model your business, to detect outliers. But, implementing it may also introduce new security flaws, and you should consider to protect your solution.

Notice: You must be registered to get access to the most of the detailed parts of this domain.