If, on the other hand, there are more questions than answers to these questions—the senior executive must urgently be tasked with implementing a best practice identity and access management strategy. This can be achieved in three stages. First, to standardise administration of users, authoritative sources of identity information are identified and connected to the access management, user management and provisioning processes. In stage two, policy-based automation of approval processes and user self-service for requesting password changes, access privileges, and directory information updates enhance the user experience and enforce security policy. And, in stage three, monitoring actual user behaviour in the context of security policy and business controls is efficient and consistent when based on a set of automated, integrated identity management processes.
The fundamental fact remains that the risk of passwords being compromised is becoming greater and greater, because it's becoming easier to download tools that will crack them. And industry is not doing enough to tackle the issue. The centralised management of identities and access privileges enables the policy-based management of enterprise identities and their corresponding access privileges, and it strengthens the organisation’s ability to establish, monitor, and validate access policies. Start now—before it’s too late.