My IDM Experience

Enterprise security has long been the luxury or a good to have framework for an organization but no more now. It is at the core of an organizations's information security structure.

Poorly controlled enterprise applications/processes/data may lead to regulatory non-compliance because if the organization is audited, management will not be able to prove that company data is not at risk for being misused. In 2005, after ID heists at ChoicePoint, Bank of America and LexusNexis lawmakers began making moves to put the onus for safeguarding customer info and identity on the shoulders of the enterprises. Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA—each holds the organization, in various ways, responsible for controlling access to customer and employee information.

Identity management is a term that refers broadly to the administration of individual identities within a system, such as a company, a network or even a country. IAM solution can be used to initiate, capture, record and manage user identities and their related access permissions in an automated fashion. This ensures that access privileges are granted according to one interpretation of policy and all individuals and services are properly authenticated, authorized and audited.

So IAM projects may not directly increase either profitability or functionality of an organization but however, a lack of effective identity and access management poses significant risks not only to compliance but also an organization’s overall security. These mismanagement issues increase the risk of greater damages from both external and inside threats.

About Myself, I am an enterprise security solutions technical consultant/developer having been working for six years in this domain with various organizations for various clients. My expertise broadly is on Oracle IAM solutions.

I have created this space to share my experiences,expertise,innovations and ideas.