Highlights of Simeio’s First “Ask Me Anything Coffee Talk Series”
On April 22, Simeio held its first “Ask Me Anything Coffee Talk Series”. The topic was “How modern IGA empowers secure workforce collaboration in a work-from-home era”. The session hosts were Dave Culbertson, VP of Products at Saviynt and Ed Pascua, SVP of Channels at Simeio.
Increasing data breaches, such as privileged account misuse, have organizations struggling to manage access and compliance across diverse users and IT infrastructure that incorporate more applications.
Identity governance and administration (IGA) solutions are critical infrastructures that enable enterprises to maintain control over security and privacy challenges.
Coffee Talk highlights
Adoption rate predictions for work-from-home indicate an increase because of convenience, requirements due to health risks, and other factors, even when COVID-19 subsides. In fact, by the end of 2021, estimates are 25-30% of the workforce will work-from-home multiple days a week.
Work-from-home and remote work trends
It appears the trend we see today will likely continue over the long-term. Which leads to the question, how can companies remain secure and ensure privacy, as more employees work from home?
Collaboration tools, like Slack and Teams, are making it easier to conduct business remotely, enabling employee productivity and connection with co-workers, business partners, and customers.
Risks associated with collaboration tools
Collaboration requires the sharing of files and data. As the usage of these apps grows, it becomes increasingly more difficult to control, protect, and keep private, personally identifiable information (PII). Payment card data (PCI), personal health information (PHI), and company intellectual property (IP) are becoming more vulnerable to fraudulent access.
Business and security policies and the ability to configure and monitor the information must be in place. Most collaboration tools have basic controls over role-level access, such as group owners, members, and internal/external guests, using policies to define what each role can and can’t do.
However, these tools don’t extend user roles and what they can access to other corporate systems. They also lack the continuous monitoring and governance over the platforms themselves. They can’t ensure they are configured correctly and don’t support IT general control (ITGC) auditing best practices.
Modern IGA platforms help organizations control collaboration tools
A modern IGA solution will provide ITGC capabilities natively. For example, the Saviynt platform offers modules for integrating collaboration tools within the IGA platform. IGA data access governance provides file and folder-level permissions that scan and classify content based upon business policies. They can support ITGC controls that can be layered on top of applications like Office 365, Teams, Slack, and others. They monitor egregious behavior, with the ability to take action to remediate, by terminating users, preventing the sharing of data, and documenting the activity for audit purposes.
People, process and technology
Collaboration tool risk mitigation involves people, process, and technology. Technology can accelerate return on investment and improve a company’s security posture. Sound policies require some level of human involvement to think through challenges and implement the technology. That old saying, “garbage in, garbage out” holds true. A data governance foundation built upon inadequate policies will result in a poor outcome.
Benefits for companies using IAM platforms as managed services
This ties back to leveraging the right people, processes, and technology. IDaaS providers, like Simeio, become part of the customer’s team. They bring expertise and understanding of how diverse systems integrate. They bring the use of best practices to IAM solutions.
During this time of social distancing, there are unprecedented numbers of work-from-home users. With the deployment of new collaborative applications, time is critical, on-demand expertise is vital, and understanding diverse technology integration is essential for deploying the right solution, and delivering it quickly.
Best practices for work-from-home and collaboration tools
It’s essential to establish a needs assessment that identifies your business requirements before deploying collaboration software. Next, define a security assessment that identifies the data you want to be allowed to share, who the entities are that you are granting access, and what the user roles are, including why they need access, and what they can access.
Want to learn more? You can watch last week’s on-demand Coffee Talk session at https://www.brighttalk.com/channel/17142/.
We hope you can join our next Coffee Talk, where you can chat with IAM experts, and learn, ask questions, and gain insights into how you can achieve greater security and privacy using IAM. Click here to see the full line-up.