What security pros can learn from space travel

September 2, 2020
NASA astronauts Doug Hurley and Robert Behnken (right) walk to the SpaceX Falcon 9 rocket at the Kennedy Space Center on May 30 in Cape Canaveral, Florida. The inaugural flight was the first manned mission for the U.S. since the end of the Space Shuttle program in 2011. Today’s columnist, Grady Summers of SailPoint, says security pros can learn a lot from the trust and teamwork the SpaceX and NASA crews display. (Photo by Joe Raedle/Getty Images)
  • Security. Many security incidents occur -- or their impact becomes worse -- because roles have been set up improperly. I've seen cases where the compromised identities belonged to employees who had been terminated months before the breach -- yet the accounts were never disabled. Or an employee's credentials were stolen, then used to access information that they never needed in their role, but they'd been granted overly generous permissions because it was easier at the time. In a well-run identity program, these risks are mitigated with automated access provisioning, role optimization and MI-aided access reviews. This way, the identity team knows at all times who throughout the organization has access to what, and whether that access is appropriate.
  • Productivity. When a new person starts a new role at a company, the company needs for them to hit the ground running. Good identity governance ensures this new person gets provisioned with all the correct assets and resources that they need to do their job from the start.  And, as they move within the organization, IT can tune and optimize access as their role at the company changes.
  • Cost. Organizations don’t want to pay for unnecessary assets, which is why they need to have the right people have access to the right resources at the right time. When entitlements (access request workflows, access assignments and reviews) are optimized for excess resources that are not utilized it lets companies reallocate budgets to growing the business.
prestitial ad