Professional Documents
Culture Documents
IAM Healthscope Report
IAM Healthscope Report
Student's Name
Institution Affiliation
Facilitator's Name
Submission Date
IDENTITY AND ACCESS MANAGEMENT 2
Executive summary
One of the biggest challenges that many systems face all over the world is Information
security. There is need for the security experts in the organizations to device extensively the
ways of dealing with the security breaches they face. The organizations need to ensure that all
the firm’s and stakeholders information is secure.
The chief information security officer (CISO) in HealthScope Company has invested in
IAM. Its importance, development for the recent IAM technologies ensures the security of the
company’s information and system.
Introduction
.
IDENTITY AND ACCESS MANAGEMENT 3
IAM plays a role of allocating the rightful resources to the rightful end-users of the
system, in the rightful context. IAM therefore, provides an organization with tools and
technologies needed to change roles of the users, track activities in the systems, create reports
based on the activities and enhance the policies. These systems provide a means of administering
users access across the organization and ensure compliance with policies and organizational
governments’ regulations. Microsoft suite applications such as SharePoint and cloud-based
systems such as Microsoft Azure and Microsoft Office 365 contain embedded Identity and
Access management systems integrated with them.
Developments of Identity and Access Management. Over time, the nature of security
needs for organizations has changed drastically. It has become more complex and users are
demanding more from the systems. This prompted the development of a better system that is able
to serve the different user needs in a timely manner. The development of IAM came in a major
breakthrough for most organizations due to its ability to meet most of the user needs. It offered
an effective and secure access to information, an element that is highly revered by most
organizations. Its ability to only guarantee legitimate access made it even better since users can
only access information allocated to them, (Nevis, DiBella, & Gould, 2000)
With IAM organizations were sure to achieve a number of benefits hence its rapid
adoption. All organizations seeking to diversify their system and keep it secure can rely on IAM
because it guarantees a wide range of benefits.
ensure security if its infrastructure, it is important for it to implement Identity and Access
Management. It enhances productivity by allowing every individual involved access to the
system in a timely manner without putting the organization’s assets to risk. Over time,
organization systems have become complex and more complex every day, With IAM, it is
possible to have a synchronized system that can serve all the needs of every user. It will allow
for consolidation and merging of all required information in a simple manner enhancing the
client experience which is an integral part of every organization, (Posey, Roberts, Lowry &
Hightower, 2014).
IAM is an important decision making tool for every organization. With its ability to
provide adequate information to every user in the system, they are able to make informed
decisions with the information provided. It is able to give different sets of data in an organized
manner giving the user a chance to interpret it with so much ease. Decision making is an
important part of an organization’s day to day operations hence the need for a tool that enhances
the quality of a decision made. With IAM, an organization is sure of quality decision making
since all system users are guided through it by the system, (Straub & Welke,1998).
According to Saltzer, & Schroeder, (1975), any organization that is looking to protect
itself from industrial espionage is sure to incorporate IAM in its security system. This is because
with the increasing development in technology, it has become easy for hackers to gain access in
many systems. This is especially for the basic password protected systems which have no extra
encryption. IAM gives an organization the opportunity to protect its information and easily
identify and prevent threats to its critical information. Other than identify and prevent, an
organization is able to identify the immediate source of threat hence allowing the organization to
fortify the system even further.
Recommendation. Benantar, (2006), in their book claim that, IAM is one of the most
flexible security systems in business right now. It works in an organized manner i.e.,
identification, authentication and authorization. This systematic approach to working makes it
possible to use IAM in different technological environments. Flexibility is a major consideration
in today’s market because organizations want a security system that can be used in different
platforms. For any organization seeking to ensure a wide variety of benefits from it system, IAM
IDENTITY AND ACCESS MANAGEMENT 5
is the way to go. Other than it being efficient, IAM is cost friendly and an organization gets to
benefit more and spend less.
Conclusion. IAM is one of the most effective security tools that is able to perform a lot of
tasks in a short time. Apart from ensuring the system is secure, it is able to filter information
after identification in order to ensure the access granted is legitimate. These among other benefits
including it being cost effective to a company makes it the best security tool.
IDENTITY AND ACCESS MANAGEMENT 6
References
Benantar, M. (2006). Access control systems: security, identity management and trust models.
Springer Science & Business Media.
Bhattacharyya, M., Thriveni, T. K., & Deepti, C. (2018). Identity and Access Management in
Cloud-A Review of Current Trends and Future Research Directions.
DiBella, A. J., Gould, J. M., & Nevis, E. C., (2000). Understanding organizations as learning
systems. In Knowledge, Groupware and the Internet (pp. 43-63).
Gunter, C. A., Liebovitz, D., & Malin, B. (2011). Experience-based access management: A life-
cycle framework for identity and access management systems. IEEE security & privacy, 9(5),
48.
Hightower, R. T., Lowry, P. B., Posey, C., & Roberts, T. L., (2014). Bridging the divide: A
qualitative comparison of information security thought patterns between information security
professionals and ordinary organizational insiders. Information & management, 51(5), 551-567.
Straub, D. W., & Welke, R. J. (1998). Coping with systems risk: security planning models for
management decision making. MIS quarterly, 441-469.