Security is best when it’s silent
At SecurIT, we believe that security is best when it’s silent – working behind the scenes to provide seamless access, and only intervening when something is wrong. This way your company will be able to keep delivering your services and also help your clients that want everything fast and simple. In order to achieve this, Access Management has to be a integral part of your security policy. Access Management is a program, not just a project. It ensures the safety of your data and the data of your customers and ensures the continuity of your business.
What is Access Management
Access Management makes sure that every person is able to use the right services and applications, in a safe manner at the right time. The following aspects are important:
- Identification and authentication: who is the user (identification) and how does he prove that he is who he says he is (authentication).
- Authorization: What access and rights will the user have once he is authenticated, based on the context and circumstances?
Besides that there also has to be administration of the users and their services. This has to be done in a secure way in order to pass audits.
Since the beginning of SecurIT, we specialized in Identity and Access Management. We took this knowledge and translated it to a valuable practice. This enables our customers to benefit from our accumulated knowledge and our experience with a variety of different IAM products.
We believe in an integral approach and prefer to be involved right from the start. We help you set requirements and wishes, support the functional and technical design, and also implement the solution with customization. Once we get to production, we offer customized support to expand functionality even further or to solve any problems. Because we are convinced Access Management plays a integral role in your company, we are aware of the importance of integrating with other applications and third parties.
Access Management is constantly changing, a lot has been changed since we started implementing IBM Security Access Manager back in 1999. In the beginning, there was only simple access control based on a username and password, and authorization based on a group membership in LDAP. Back then, secure communication based on encryption wasn’t a norm and data protection and privacy were hardly topics. Years later the awareness of cyber security increased and with that, the legislation has become more mature.
For Access Management this means a greater need for complex authentication processes, including multifactor authentication and biometrics, on-demand provisioning and context-based authorizations.
Other major expansions since the beginning of Access Management:
- Federations: for example eHerkenning and DigiD, but also social logins such as Facebook, Twitter and LinkedIn.
- API protection: more and more companies and institutions offer application interfaces to integrate directly with them, which has to be done in a secure manner. For example, the PSD2 standard that obliges banks to make their services available for third-party services.
- Development: the developments keep following each other faster and faster, and a faster life cycle must also be followed within security. Security patches can no longer wait for a favorable moment, but must be applied immediately.
GET IN TOUCH
Do you want to discuss the possibilities and get to know us?