- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Entitlement management technologies can protect networks from internal threats, automate the process of keeping roles and access rights up to date, and reduce headaches related to regulatory compliance. It all depends on an organization’s needs.
IT managers facing compliance deadlines might appreciate the separation of duties features and audit trail data provided with entitlement management products from Jericho Systems, Oracle and Securent.
Security managers might embrace the fine-grained authorization policies that companies such as Aveksa automate for customers.
And companies looking to better protect intellectual property and customer privacy might decide to put entitlement management in place to lock down systems from widespread or unauthorized access.
Here are a few steps IT and security managers should take when determining how to fit entitlement management technologies into their organizations.
1. Create and define roles
Entitlement management technologies work with established roles to start, but can be used to analyze whether defined roles are appropriate or need to be redefined. While the software products will initially tap into existing identity management systems and access rights repositories, entitlement management tools can help update existing privileges to better suit the environment and changing business demands.
"There is a realization that the current approach to access governance isn’t working, because it is too manual and fragmented," says Deepak Taneja, CEO of Aveksa. "Entitlement management allows for the review of access policies to determine if established roles need to be updated and if the privileges are appropriate given the current state of the environment."
2. Establish team of business and security managers
Craig Shumard, CISO at healthcare provider Cigna, advises those considering an entitlement management project to dedicate a team consisting of IT and business managers. He says the collaboration will help ensure the roles are defined with the business in mind.
"You have no idea how many rocks you are going to have to look under when you start defining roles and sub-roles. Involvement from the business is critical in creating roles," Shumard says.
Mark Diodati, an analyst at Burton Group, told attendees at the research firm's Catalyst conference that working with the business to establish entitlement management is critical to establish "complex policies created from a business objects perspective."
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout’s nGenius & Sniffer users.
www.netscout.com
Metzler on CIO Priorities
The top five CIO priorities based on a survey of NetScout users revealing CIOs' top priorities and what they think they should be. Also includes interviews with CIOs of large organizations.
Read the Report
Metzler on Application Delivery
How to eliminate the stovepiped or siloed nature of application delivery from both an organization and a technological perspective.
Read the Brief
Metzler on Network Troubleshooting
Overview of network troubleshooting that provides an assessment of where we are, and where we need to be relative to the complexities of today's IT challenges.
Read the Brief
Comments (1)
RE: How to develop an entitlement management strategyBy Doron on December 4, 2007, 2:09 amKeystone from BiTKOO is an entitlement management engine that provides the most sophisticated fine-grained authorization, RBAC, segregation of duties enforcement,...
Reply | Read entire comment
View all comments