What are the best practices for identity and access management you’ve implemented that have been most effective for improving your overall security posture?

Security Strategy & RoadmapIdentity & Access Management (IAM)
6.3k viewscircle icon1 Upvotecircle icon9 Comments
Sort by:
VP of Information Securitya year ago

password rotation for service account and use of vault.

VP of Information Securitya year ago

Integration with ITSM tool for common source of request, avoid duplicate digital identity for same person(human), unique identity for each human, enable MFA, access policies based Need to Know fundamentals are few key best practices.

IT Manager in Constructiona year ago

Start from a zero trust approach everywhere. It should lead your mind and mindset.

Director of Systems Operations in Healthcare and Biotecha year ago

MFA, Account / Access Review, Account Time Outs.

Lightbulb on1 circle icon1 Reply
no titlea year ago

Agreeed + PAM and SSO.

VP of Information Security in IT Servicesa year ago

Zero Standing Privileges

1 Reply
no titlea year ago

+1

Content you might like

Has anyone gone through the UK's Cybersecurity Essentials Plus certification and if so, would you be willing to share with me your experience and what was involved? I just want to make sure I understand what is involved and what is in scope.

If your company has an established information security program, which framework is the program based on for controls?

NIST CSF25%

ISO 2700166%

CIS Controls (Centers for Internet Security)36%

NIST SP 800-5320%

Other3%

View Results

We’re evaluating a new ERP. Our company, PROENERGY is a vertically integrated power partner (gas plant design/build, O&M, manufacturing including our PE6000 turbine, and 2.6 GW ERCOT operations).

Considering: SAP Public Cloud, Oracle Fusion Cloud, Microsoft Dynamics, IFS, and Infor Construction Cloud.

Key needs: manufacturing, complex structure with built-in consolidation/reporting, long-range planning, procurement/inventory, and core accounting.

We use Microsoft Dynamics today for CRM/Field Service. Biggest concerns: implementation partners and support resources.

Would love your thoughts.

Read More Comments

Is there more or less funding for your org's security awareness and training program this year compared to last?

Much more12%

Somewhat more43%

A bit more24%

Neither - same funding15%

A bit less4%

Somewhat less

Much less

View Results

What are the toughest cultural or operational challenges that come with implementing a zero-trust policy, in your experience? How did you tackle those issues when they came up?