Five steps to an effective access management strategy

Posted on Jul 15 2013 - 4:52pm by Contributing Writer

By  Jeff Castillo,  Country Managing Director of Fortinet Philippines

Jeff Castillo

Jeff Castillo

Access management is a crucial function for every organization with an Internet connection and it’s a lot harder these days. The explosion of remote workers and mobile devices has complicated and confused once-rudimentary access management functions, while the popularity of social media and other Web 2.0 sites have added a more challenging dimension to the work environment.

With this in mind, here are a few tips for access management that might ease the process.

Do Inventory. Organizations need to have strong, robust user access policies, and IT administrators need to assess and answer fundamental questions: Who should access to what?

The CEO and top brass will have more permissions to access data than those working in the mailroom. Drilling down, organizations may give user groups permissions related to their job functions. Marketing and sales personnel will benefit from unrestricted access to social media sites, while other groups – janitorial, for example – might be limited to social media during lunch or off-work hours.

A blanket “No YouTube” policy will only thwart users leveraging work-related videos for training. Sweeping bandwidth restrictions will frustrate users requiring video-conferencing apps to conduct meetings with multiple users from around the globe.

Determining the appropriate level of permissions takes research into what users need to be most efficient. A little homework on the front end will save organizations time figuring it out by trial and error.

READ:  IBM reveals five innovations that will help change all lives within five years

Communicate policies clearly, and be flexible. Once the appropriate policy levels are in place, the organization must communicate them to the user. This means educating users about what they’re allowed and/or prohibited from doing on their work network.

But, organizations also need to be flexible. A user or group of users might have a specific data access need that no one considered. Also, users’ access needs can change: Employees get promoted, change roles and acquire new job functions. Any change will entail a new level of access.

Staying on top of users’ access needs and communicating related policies will save organizations time and headaches in enforcement. Once users are made aware, it’s likely they will want to comply with the rules.

Monitor, monitor, monitor. You don’t know what you don’t know. While certain restrictive access policies may be in place, it’s doubtful one set will apply to the entire organization 100 percent of the time. There will be exceptions. With myriad disparate permissions and policies, things will fall through the cracks. It behooves users to invest in tools to monitor and analyze users’ network behavior. Comprehensive monitoring allows IT administrators to determine whether a user is sapping bandwidth by streaming music or video files; whether an insider is accessing unauthorized information, either accidentally or intentionally; or if users are visiting illicit sites during work hours.

More information gives organizations the ability to act in a way that best aligns with their business objectives. Let’s face it: Most organizations want to be as efficient and productive as possible. Monitoring gives IT administrators and management insight into how the network is being used so they can better tailor policies going forward.

READ:  Five security must-do’s for first time cloud users

Manage remote workers. Most organizations agree it would be easier for network management tasks to be confined to the physical walls of the organization. These days, with the dearth of mobile, remote and contracted workers, that’s seldom the case.

IT administrators need to ensure these workers and their devices are on the same page in terms of policies and permissions. Organizations need to ensure they have a robust VPN solution in place, and that all tools related to access and application control, firewall, IDS and IPS, antivirus, antispam and spyware extend to remote workers.

Account for BYOD or Bring Your Own Device. Once upon a time, IT administrators were tasked with keeping tabs on the network and all that resided inside it. These days, users don’t have to access questionable sites or sensitive data from their desktop computers, but they can access whatever they want from their mobile devices.

Personal mobile devices leveraged for work-related functions will contain sensitive, business-critical information. This leaves an organization vulnerable to data theft and malware attacks when those same mobile devices also access Web sites that contain malware.

IT administrators and other decision-makers will want to determine how far access management policies should extend onto users’ personal devices. To what degree is dependent on the needs, goals and culture of the organization.

Related Posts

Fake movie-streaming sites are cybercrime baits Trend Micro Incorporated  has found over 1,500 fake streaming sites that took advantage of recent summer box office hits. In its analysis of data coll...
Globe’s new group to offer cloud-based services an... Addressing the rising adoption of cloud and mobile computing in the enterprise, Globe Telecom has created an Information Technology (IT)-Enabled Servi...
Cyber threats in PH increased by 48%, says Trend M... The incidence of cyber attacks in the Philippines is likely to increase significantly in the remaining months of the year as cyber threats have increa...
WatchGuard’s new wireless access points prot... WatchGuard Technologies has unveiled two new Wireless Access Point products, and has announced seven new models in its line of Extensible Threat Manag...
That World Cup streaming service you’re usin... As World Cup fever ratchets up, it’s natural to want to watch as many games as possible. If football fans are not near a TV when the game they want...
Php2M awaits winner of Kaspersky’s cybersecu... Young Filipino entrepreneurs are now given the chance to build their knowledge in cybersecurity and win $50,000 or over P2 million prize fund as Kaspe...
Microsoft merges analytics, security, and voice fe... Microsoft continues to lure businesses over to its cloud-based productivity suite. At a press conference recently, Microsoft Philippines announced thr...
‘Always think you are a target’ Security technology provider Kaspersky Lab has bared strategies that help enterprises mitigate risks against malware, be it in the form of known, unkn...
New WatchGuard appliance protects the ‘new&#... WatchGuard Technologies recently announced the WatchGuard Firebox T10 Unified Threat Management (UTM) solution, a network security appliance that allo...
Latest Trend Micro software strengthens your priva... “Everything we do online leaves behind a digital footprint that can lead cyber criminals back to us,” warned Trend Micro during the launch of the late...
About the Author

Leave A Response