Identity access management (IAM) is an older approach to enterprise security that is complex and difficult to manage across all users, throughout the business and its many systems, both sanctioned and shadow, along with the associated on- and off-premise data.
Just keeping everyone’s roles-based access privileges up to date is difficult these days as divisions, units, and separate operating entities seem to continuously spin them up and down.
But it can also be limited based on its foundation. Security shouldn’t end with your business title because in modern organisations, designed to be agile, flexibly adapting to market conditions, quickly creating and releasing new products and services, you have to access new systems and data this week that you don’t necessarily need next week.
And, let’s be honest, what IT department (usually responsible for setting IAM privileges) has the tools and resources to be able to deal with IAM issues within a week or two, let alone a couple of hours? It’s just not reality for most businesses.
Integration in these environments is nearly impossible to do anywhere near to resembling fast.
Another problem with centralised, static IAM that’s largely ‘hard-coded’ and has to be periodically updated, is that it doesn’t factor in issues such as the behaviour of people. It’s essentially a ‘dumb’ system because it’s based on set policies. You can change them but it’s not a quick and easy thing.
Fraud and corruption
South Africans are also intimately familiar with serious business issues such as fraud and corruption.
Many of us have even been exposed to the mechanics of it through various media reports. Envelopes stuffed with cash and passed in folded newspapers are old hat.
You just can’t shift the volumes modern fraudsters require to maintain their indulgent lifestyles.
One modern method for defrauding an organisation is knowing the alert thresholds set by financial systems then handing out contracts or approving transactions for a fraction less to avoid setting off any alarms.
Like IAM access privileges, that alert is hard-coded. But modern security that’s based on machine learning can learn to flag multiple transactions set close to such thresholds.
What if someone’s passing a bunch of transactions a few rands below the threshold? There are many such examples.
Frictionless security with the intelligence of machine learning is the most effective solution for managing who can access what, where, and how. It continuously learns and updates. And, most importantly, it allows people to access the data and business systems they need to be able to get their jobs done regardless of when or how quickly those systems are added.