Security. Many security incidents occur -- or their impact becomes worse -- because roles have been set up improperly. I've seen cases where the compromised identities belonged to employees who had been terminated months before the breach -- yet the accounts were never disabled. Or an employee's credentials were stolen, then used to access information that they never needed in their role, but they'd been granted overly generous permissions because it was easier at the time. In a well-run identity program, these risks are mitigated with automated access provisioning, role optimization and MI-aided access reviews. This way, the identity team knows at all times who throughout the organization has access to what, and whether that access is appropriate.
Productivity. When a new person starts a new role at a company, the company needs for them to hit the ground running. Good identity governance ensures this new person gets provisioned with all the correct assets and resources that they need to do their job from the start. And, as they move within the organization, IT can tune and optimize access as their role at the company changes.
Cost. Organizations don’t want to pay for unnecessary assets, which is why they need to have the right people have access to the right resources at the right time. When entitlements (access request workflows, access assignments and reviews) are optimized for excess resources that are not utilized it lets companies reallocate budgets to growing the business.
54.7% of surveyed managers said at least one of their corporate subsidiaries were involved in a cyberattack chain launched against their company. SC Media spoke with experts from the research firm and cyber company that launched the study.