Describe about the Identity and Access Management for Australian Company.
Considering the healthscope for the Australian company, there have been operations which are for handling the 46 hospitals and the other 52 medical care centres. Hence, for this, there is a need for the proper management along with the focus on Information and Physical Security management. Hence, IAM (Identity Access Management). The IAM is for the handling of the business process where the technology works on the framework for the process which works on the initiation recording and the management of the user identity to work on the related access permissions. The assurance is through the policy and the individuals where there is proper authentication, authorisation and auditing control. The regulatory non-compliance is based on the auditing where the management will not be able to provide and provide the authentication and the risks related to the company data if IAM is not processed accurately.
For the computer security, the IAM is based on handling the security and the business which enables the rights of the individuals to properly access the resources in the proper manner at the right time in an effective way. This will help in handling and meeting the rigorous requirements. (Khattak et al., 2016). This is based on the areas of the identity management of the systems, products and the applications to manage the identification of the data along with the entities that includes the individuals and the other computer related hardware and the applications on software. As per the research, there have been different services and the terms which are related to the identity management and includes the directory services, digital cards, service providers, web and the access control services with the single sign-on along with other security tokens with the workflows and password managers.
Development of IAM
With the IAM projects in Health scope, these are not mainly for the increase of the profitability and the functionality. The lack in the effective management finds to pose risks to the organisational security with the issues of mismanagement that increase the risks that are more for the external and the internal threats. (Indu et al., 2015). There is a need to handle the flow of the business data while properly managing the accessing of the business IT environment with the evolvement of the disruptive trends like the bring-your-own-device (BYOD), cloud computing, mobile apps with the increased mobile workforce. There is a need to keep a track of the employees with the different roles in organisation which finds it difficult for the identity and the access. The major problem has been for the change in the employee duties.
With the IAM, there is a proper setup of the centralised directory which prevents the credential to end up recording the files with the sticky notes, which is considered as a burden for the system. (Latinen, 2016).
Recommendation of IAM technology
This IAM technology has been considered to offer the enterprise to protect it along with the development of the social and the mobile applications. It is mainly for handling the pure identity function with the creation, management and the deletion of the identities. The user access is based on handling the smart care with the service functions which is able to deliver the personalised, role based content that has been based on the presence-based services. The identity of the federations is mainly to authenticate the user without knowing the password. (Marchiondo et al., 2015). With IAM, there is a possibility to properly authenticate, authorise the information along with defining the roles and the delegations which are based on the performance and allowing the customers to work on the different actions with the management of the office related information. IAM works on putting the personal information on the network which raises the concerns of privacy. Hence, with this, there have been regulatory compliance evaluation which are based on user access management and the identity management process. The modules include the integration with the user provisioning and the lifecycle management and the compliance manager who is able to handle the different applications as per the accessing flow and transition to the IAM-as-service. (Pathan, 2016).
SSO is considered to be the most important feature of the user facing in IAM which helps in handling the security of the system along with handling the greater access to the different software applications. Some of the benefits for this include:
The Improvement in the User Experiences
This is mainly related to the observing of the benefits where the SSO eliminates the needs for the users to properly remember and handle the passwords for the inputs for the accessing of the different areas of the system. With this, the users are able to do the automatic logins with the different connected system. (Kumar et al., 2016).
Enhancement in the Profiles of the security
SSO is able to grant the access for the users to handle the applications automatically. The advancement is based on the Security Assertion Mark-up Language (SAML) 2.0 which is for the additional level of the security to properly authenticate and authorise the users who are based on the levels of the directory profiles. The patterns are based on handling the integration of the security profiles with the identification of the stores, directories and the other social identity providers. There are rules which are set for the automation access along with the decision making process that will be able to easily analyse the attributes to group the user authentication methods. (Hummer et al., 2016).
Simplification of the Auditing & Reporting
With this, there has been consolidation of the identity and the passwords to work on how the credentials have to be used. There have been management which can access the data at the time of the breach. The PingFederate helps in completely monitoring the sign on performance of the metrics, with the traffic and the compliance. There has been a detailed version of the trails which allow the user to handle the provisioning along with handling the terminations. OneLogin allows and help in running the detailed analytical reports for the users, applications and the other login events. (Checkel, 2016).
This allows the easy access to the user
With this, there are IAM which are setup through the interconnected system where the user has been complying to the larger companies with the globalised business pattern along with providing the easy access for the employees. The OneLogin is mainly to handle and work on the enterprise web-based applications where there is a need for the one-click access to the different applications and the entries resources with the mobility management.
Increase in Productivity & Reduction of the IT costs
With this, there have been SSO for the eliminations of the costs which provides the users a proper locked mode for handling the application accounts. IAM works on the easy identification of the stores like the Active Director or the LDAP which helps in allowing of the extension of the auditing trails with the analytics and the access rules with the different policies to automate the identity access. (Hunter, 2015). There has been assurance for the customers to gain the benefits for the IAM and SSO.
IAM works on the safeguard of the mobile, cloud and the social access along with preventing the advancement of the insider threats. The simplification is mainly to handle the integration process along with properly handling the delivering of the actions for the identity intelligence. The major focus has been on the lowering of the administration effort with the enabling of the success in business and the improvement in the operational efficiency with the heightened security. (Lilgendahl, 2015). IAM works on providing the inter-departmental automation with the identified workflow along with maintaining the security as well as other auditing standards. The implementation is based on working over the increased operational efficiencies with the simplification in the regulatory compliance along with increased satisfaction of the employee.
Khattak, Z.A. and Sulaiman, S., 2016, January. Federated Identity and Access Management and Trusted Computing-based Federated GRID Model for Federated GRID Resources. In Proceedings of the International Conference on Security and Management (SAM) (p. 108). The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).
Indu, I. and Anand, P.R., 2015, December. Identity and access management for cloud web services. In 2015 IEEE Recent Advances in Intelligent Computational Systems (RAICS) (pp. 406-410). IEEE.
Laitinen, L., 2016. Case study on identity and access management in an EU level pharmaceutical company.
Marchiondo, L., Ran, S. and Cortina, L., 2015. Modern discrimination. In The Oxford Handbook of Workplace Discrimination.
Pathan, A.S.K. ed., 2016. Security of self-organizing networks: MANET, WSN, WMN, VANET. CRC press.
Kumar, S., Bettadapura, V.S. and Shah, S.M., Citrix Systems, Inc., 2016.Access, priority and bandwidth management based on application identity. U.S. Patent 9,240,945.
Hummer, M., Kunz, M., Netter, M., Fuchs, L. and Pernul, G., 2016. Adaptive identity and access management—contextual data based policies. EURASIP Journal on Information Security, 2016(1), p.19.
Lilgendahl, J.P., 2015. The Dynamic Role of Identity Processes in Personality Development. In The Oxford handbook of identity development.
Checkel, J., 2016. Regional Identities and Communities. In The Oxford Handbook of Comparative Regionalism.
Hunter, A. and Brewer, J.D., 2015. Designing multimethod research. In The Oxford Handbook of Multimethod and Mixed Methods Research Inquiry.