If you’re attending this year’s Gartner IAM Summit, things might be a bit different than what you’re used to. I’ve attended other Gartner events this year, as well as other industry IAM-related events, and the thing I’ve noticed is that IAM is no longer on an island. Where IAM was seen as black magic by the rest of IT in years past, there is more interest from security practitioners and executives than I’ve noticed before. I believe this can be attributed to the central role that IAM plays in securing information and reducing risk, while demonstrating effective controls to auditors for compliance.
The security and risk angle is really not all that new, but it has a new sense of urgency given that so many recent breaches have involved the theft of insider credentials. Most organizations don’t watch employee behavior all that closely, so if their credentials are compromised, information loss can persist for months or years.
To address the challenge of insider credential loss, I’m presenting the NetIQ vision for the future use of machine learning and analytics to identify abnormal user behavior and drive more secure responses. That could include requiring a step-up/second factor of authentication, or an ad-hoc certification by a manager. I’ll cover nine specific use cases that we’re working towards and give you some understanding of the challenges we’re trying to solve.
My session is at 3:15pm on Tuesday, December 8th in the Augustus room. Mark your calendar and come say hi afterwards.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.