April 30, 2015 4:30:24 AM EDT | Blog I Think Therefore IAM

IAM is becoming more of a focus. Your data is secure, but who is using it; when they are using it and why? Read on to learn more

Descartes probably didn’t have Identity and Access Management in mind as a 17th century philosopher, but for security professionals that’s not a philosophical statement – it should be a way of life.

IAM is defined as “the security discipline that enables the right individuals to access the right resources at the right times for the right reasons.” by Gartner. As more and more breaches hit the news, IAM is becoming more of a focus. It’s not enough to know that your data is secure, but do you know who is using it; when they are using it and why?

You cannot rely on just one strategy to ensure security. Rob Enderle suggests a 3-level approach. Do you rely on just one? As many firms are realizing, there is no single magic solution. At the very least a strategy that has multiple layers that is well-defined, broadcast to the organization and re-enforced with continued training is imperative in this day and age. It’s the responsibility of Security teams to identify and mitigate risks, but is the entire organization that has to have the thought of potential threats on their mind.

It’s not just the generous Prince of a foreign nation that we have to fear. As we know, hackers and infiltrators are becoming more and more sophisticated. It’s not necessarily a blunt-force attack that we need to look out for. The well-thought out and strategically approached assault is what needs to concern security and IT people.

If you know who has access and who should be accessing information, then you can set a baseline for business-as-usual. If credentials are compromised, then you should be able to tell when anomalous behavior is taking place. The time from assault to detection is vital. The sooner you know of an intrusion, the sooner you can remedy the situation. If an attack is not detected for a period of time, then no matter what controls you have in place, the proverbial barn door has been opened for too long.

Having complete knowledge of what is going on in your environment takes time. You have to first understand what you have, whether appropriate controls are in place, and what your legacy environment was like before the controls were put in place. If you communicate the need for diligence to your company, understand that not everyone will take threats seriously. It is the ability to detect anomalous behavior that will be your strongest defense against intrusion.
Rosario Mastrogiacomo

Written By: Rosario Mastrogiacomo

Rosario Mastrogiacomo is the Vice President of Engineering for SPHERE, where he focuses on solving complex security and infrastructure problems involving the processing and analysis of large data sets to find creative and out-of-box thinking solutions. Rosario has been working as a technology leader for over 25 years at financial organizations such as Neuberger Berman, Lehman Brothers, and Barclays. He has held various senior leadership positions including Global Head of Core Software Engineering, Head of Mac Platform Engineering, Global Head of Windows Engineering, and Windows Support Manager. Rosario has built and managed several teams within these positions, some with multi-million-dollar budgets. For the last eight years at SPHERE, Rosario has built the team and methodologies for the development of SPHEREboard. Rosario holds a B.S. in Business Administration from Baruch College (CUNY).