SecuritySIEM

Three Questions to Ask about Identity Management

Identity ManagementSome years ago, we knew RSA as the company that made those key fob tokens for dual-factor authentication. Indeed, they were pioneers in the multi-factor authentication space, and to my knowledge, no one has ever found a way to successfully beat their SecurID token-based authentication. But RSA is so much more than that these days. Even the venerable SecurID product has grown into a powerful and flexible Identity Management solution.

Unfortunately, “powerful and flexible” can sometimes translate into “I’m not sure where to start with this.” So here are three questions that may help you get on the right track:

  1. What do you want to protect?
  • Do you just care about securing your VPN, or do you care about more granular protection of resources within your on-prem network? How about Cloud and SaaS applications? Do you need to protect them as well?
  1. How do you want to protect it?
  • What kinds of authenticators do you want to use? These days, in addition to the traditional hardware and software tokens, SecurID supports push notification to mobile devices, fingerprint (for devices equipped with fingerprint readers), SMS messaging, Apple Watch, FIDO tokens, and more.
  • Do you want a “one size fits all” approach to authentication, or do you need more flexibility and granularity, where the level of strong authentication depends on who the user is, what resource the user is trying to connect to, where the user is connecting from, what time of day / day of week the user is trying to connect, and/or whether this particular access scenario is different from the user’s normal pattern of connectivity? For example, if Jane normally connects from within the corporate network or, occasionally, from home on the weekends, but suddenly someone identifying as Jane is trying to connect from an Internet café in Hong Kong on a Tuesday evening, we probably want to demand a stronger level of authentication before granting access.
  1. How do you want to consume it?
  • Do you want to purchase perpetual licenses, or subscription-based licenses?
  • Do you want the authentication system to be all on-prem, all in the cloud, or a hybrid of the two?

If you think through the answers to these questions, you’ll have a much better understanding of your business case for strong authentication and identity management, and we can help you assemble the best solution for that business need.

Contact Xiologix