CyberSolve

The Workforce IAM

Actionable Advisory Assessment

The many facets of Workforce Identity & Access Management (IAM) is one of the most complicated organizational set of activities to take on. The ubiquitous nature of IAM stretches to all entity types, whether they be human accounts (employees, contractors, consultants, customers, patients, students, etc.) or non-human accounts (systems, services, applications, bots, etc.). Creating, managing, and mitigating the authentication and authorization privileges of these accounts across the enterprise data center and cloud has seen the risk of failure hit an all-time high. To mitigate this risk, a clear, concise, achievable plan and process must be in place. This is where CyberSolve excels. Since 2016 we have been helping our clients plan, build, and execute IAM solutions and making certain they can fulfill their operational goals once in place.

Our Workforce IAM Actionable Advisory Assessment (AAA) will allow your organization to discover and define what needs to be in-place, assist in building a reference architecture, and provide a roadmap for you that can be practicably executed. It is a blueprint that focuses on a practical, structured, and coherent approach to the management of users’ identities and their access to systems and data. Our roadmap will ensure the right entities get access to the right resources at the right times for the right reasons.

In order to provide this level of assurance we cover the following “core” components as part of the Workforce IAM Assessment:

Identity Governance & Administration (IGA)
  • Identity Lifecycle Management

  • Role Lifecycle Management

  • Microsoft Resource Access Mgt

  • Identity Data Storage Points

  • Identity Systems of Record vs. Sources of Truth

  • Identity Correlation & Deduplication

  • Credential Management & PKI

  • Automated Entity Provisioning

  • Role-Based User Provisioning

  • Segregation of Duties (SoD)

  • Attestation & Certification

Identity Governance & Administration (IGA)
  • Centralization of Identity Audit & Logging

  • Security Information and Event Management (SIEM)

  • Continuous Monitoring of:

    • Identities

    • Access Privileges

    • Assets

    • Activities

  • Preventive & Detective actions based on:

    • Identity Analytics

    • Identity Metrics

Access Management (Authentication)
  • Risk-Based Multifactor Authentication (MFA)

  • Privileged Access Management Authentication

  • Identity Assurance Levels (Proofing/Vetting)

  • Password/Password-less Management

  • Bio-Metric Driven Authentication

  • Policy Enforcement across Single Sign-On (SSO)

  • Open Standards Utilization (SAML , OAuth)

  • UNIX/Linux to AD Bridging

  • Federation of Identities & Services

  • User-Centric Identity (e.g. OpenID)

  • Bring Your Own Identity (BYOI)

  • Bring Your Own Authentication (BYOA)

  • Mobile Device Management

Access Management (Authorization)
  • Least Privilege Enforcement

  • Access Control Models including:

    • Role Based Access Control (RBAC)

    • Policy Based Access Control (PBAC)

    • Attribute Based Access Control (ABAC)

  • Automated Authorization Management

  • Privileged Access Management Authorization

  • Cloud Security

  • Zero Trust Modeling

  • API Security & Management

  • Data Access Governance (DAG)

  • Data Privacy

  • Data Loss Prevention (DLP)

A Deep Dive Into Our IAM Assessment Process:

An CyberSolve Workforce IAM Assessment will…

ASSESS & VALIDATE THE CURRENT POSTURE OF YOUR WORKFORCE IAM

CyberSolve assesses and validates the current state of your organization’s Workforce IAM environment(s) by identifying, summarizing, and prioritizing the unique needs and challenges you face. This is achieved by interviewing key stakeholders, business and application owners, and information security personnel to ascertain your current customer  requirements and the consumer facing resources (both human and technology) you have available to address these known requirements. We will then identify any additional requirements and validate your organization’s current state IAM architecture from a holistic point of view, taking into account the customer, consumers, staff, processes, and technologies that shape your environment. This will allow us to determine whether your organization’s requirements can be attained through improvements in processes, better utilization of existing technology, or if the acquisition of new products will be necessary to achieve your ideal future state.

ANALYZE YOUR REQUIREMENTS & RESOURCES

CyberSolve will evaluate and classify the identified Workforce IAM challenges, requirements, and resources gathered during the assessment of your current state IAM environment to develop an initial action plan for your organization that is both efficient and cost-effective.

DEVELOP YOUR FUTURE STATE AS AN ARCHITECTURAL BLUEPRINT & BUILD THE ROADMAP TO EXECUTE IT

CyberSolve will develop a detailed blueprint and roadmap that will enable your organization to achieve its ideal future state. This long-term, comprehensive roadmap takes a phased approach, focusing on incremental achievements to address your organization’s IAM and information security services needs and vision. The corresponding blueprint is comprised of the implementation of core IAM processes, procedures, and/or technologies. Both of these components will allow your organization to build an exceptional Enterprise IAM services framework that ensures the effective and secure performance of security services in the future.

Three Phases With One Goal In Mind

The Workforce IAM Actionable Advisory Assessment is a zero-trust driven, three-phased approach to building a tangible, viable plan that answers all of your questions, like: What Can I Do? What Should I Do? How Am I Going to Get There? What will This Cost? and How Will I Maintain It?

Identify:

What does the organization need?

What is your organization’s most pressing challenges?

What current state issues have the most risk associated with them?

Are there regulatory requirements the organization hasn’t fulfilled?

What does the organization want?

What would make your current processes easier or more approachable for your workforce?

What additional ventures do your IAM and information security personnel wish to address?

How can the organization streamline the audit and compliance mechanisms in place today?

What works well currently?

What are the processes that virtually everyone in your organization follows?

What technology implementations are making your organization’s lives easier?

What isn’t working well?

What processes or procedures tend to get bypassed by members of your organization?

What processes or technology are deemed to be a hassle by your workforce and/or partners?

Summarize:

Breakdown of the current Enterprise IAM state specific to the organization

Document In-flight IAM adjacent projects that might impact integration of IAM solutions

List all current IAM challenges & issues

Define the risks and potential costs if individual Enterprise IAM issues are not mitigated

Prioritize:

Prioritize the Enterprise IAM:
Issue
Risk
Requirements

Define which must be addressed now vs. at a later point in time

Ascertain what the cost of doing nothing is

Plan:

Enterprise IAM requirements to mitigate the issues, risks and regulation gaps

Future State IAM Architectural requirements

Organizational Constraints & Dependencies around Customer processes and technology

Build:

Future State Enterprise IAM Reference Architecture(s) (by temporarily removing budgetary, resource & timeline constraints)

Conduct a Gap Analysis (i.e. how to get from Point A to Point B in your Enterprise IAM journey)

Build:

An Actionable Program-Driven Roadmap (using budgetary, resource, & timeline constraints)

Actionable Implementation Project Plans consisting of:

Constraints & Dependencies

Preparatory Steps

Work Breakdown Structures (WBS)

Deliverables & Outputs Required

Resourcing Requirements

Costing & Budget Requirements

Run:

Enterprise IAM Vendor Recommendations to fulfill your organization’s IAM Roadmap requirements (when current technology won’t cut it)

Post-Production Operational Staffing Models to assure your team can care and feed for your IAM implementations

Optional Managed Service offerings to allow for you Project Teams to stay focused on Projects and your Operations Team to stay focused on their core management initiatives