InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
Organizations making significant investments in cloud services should consider a plan to build a centralized IAM function and focus on a few key principles. This piece explains best practices to follow and as well as pitfalls to avoid when moving to centralized
Most organizations should consider starting with the existing internal IAM team, if one exists. These teams are often focused primarily on directory services like Active Directory (AD), federation and SSO, as well as provisioning and deprovisioning users.
These are all critical elements of a cloud IAM strategy, but additional IAM expertise and skills will be needed to adapt Windows and Unix privileges and permissions to cloud-based images and deployments, as well as to configure and manage cloud provider
policy syntax and roles.
A cloud-focused IAM team should bring together a variety of skills and disciplines, including:
Ideally, these teams should be built from existing internal groups that already understand the business and goals of the organization, but sometimes cloud-specific IAM expertise will require recruiting from outside the organization.
Once a central team is built, organizations should focus on the following five key principles and practices for mature IAM security and governance:
Moving to a central IAM function can be slowed by a range of stumbling blocks, such as:
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
January 20, 2022
By IANS Faculty
How sound is your data governance program? It all starts with the basics. Learn how to establish a solid foundation for your data governance program.
January 18, 2022
Learn how to put a workable data management and governance process in place.
January 13, 2022
Understand how the three lines of defense work and learn how to apply it properly inside your organization.