September 6, 2010

Identity Management Series – Role- and Rule-Basing Part 4: Documentation and Approval

Once all of the roles are defined, it’s time to document them and obtain approval for their use. We’re now past the point where the distinction between enterprise and IT roles matters, so in this segment I go back to the generic term, “role.” Documentation and approval Once testing is complete, the final roles should [...]

Identity Management Series – Role- and Rule-Basing Part 3: Designing and Testing IT Roles

Now that enterprise roles have been identified and prioritized, it’s time to tackle IT roles, and figuring out IT roles is where the rubber meets the road. Chances are, neither the department heads nor the HR team can help on this one. It’s up to the identity management team and business “power users” to determine [...]

A Difference of Perspective

I recently participated in a briefing with Cisco where Cisco’s David Bump explained to me the idea behind the Cisco Learning System. The Cisco Learning System works to fill the IT talent gap by partnering with both public and private partners to help increase the supply of qualified professionals. David caught my attention when he [...]

Boost Your Security Career

In my experience, the more we explore the tradecraft of our profession, the more we position ourselves for career success. For me, this means a lifelong study of communication – verbal and written – blended with human ecology and the fundamentals of security. It’s an odd mix, but with my focus on Awareness that Works™, [...]

Identity Management Series – Role- and Rule-Basing Part 2: Identifying & Prioritizing Enterprise Roles

The first step in role- and rule-basing is identifying and prioritizing the enterprise roles. This sets the direction for the entire effort, which – make no mistake – will be time consuming. Doing some thoughtful planning up-front is therefore imperative to ensuring that you don’t start out off-track. Identifying the roles in the organization is [...]

Identity Management Series – Role- and Rule-Basing Part 1: Introduction

At this point in the identity management process it is time to consider what access the company’s job functions should have to begin creating roles and rules. This is the first step in automating provisioning and de-provisioning. Even without automation, creating and managing the roles and rules will make manual provisioning (and auditing!) quite a [...]

Into the Breach – Audio Series – Chapter 11 (Outsource with Security and Success)

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio [...]

Guest Post: Why and How to Invest in Yourself

This is a guest post from Jill Van Zelfden - a friend of our practice and a passionate professional. Initially connected through Twitter, our conversations have demonstrated her zeal for our field, as well as her insights. When I offered the Catalyst Career Compass – Jill jumped at the opportunity and captured this post as [...]

Identity Management Series – HR as a Source of Record Part 5: Reliability and Accessibility

We’ve now gone through the employee’s full lifecycle and discussed how to interpret and manipulate HR data to facilitate automation in identity management for new hires, transfers, and terminations. We wrap up this month with a focus on the accessibility and reliability of HR data. At a minimum, you should know what to expect [...]

Where I Cry for Help (and get more than I could ever have expected)

This is the second in a series of posts detailing the journey and experiences of Joseph Sokoly as a first time speaker in InfoSec. When we left off, I had just decided it was time for me to throw my hat in the ring at BSides Austin; it was one month until my talk, and [...]