I sat down the other day and discussed governance with one of my friends who is a SailPoint/CyberArk consultant. I have always thought that these products were the leaders in the IDM governance circle. I told my friend about the systems I have designed and built in FIM 2010/MIM 2016 to manage identity and enable organizations to pass SOX and other technology audits. He was stunned and told me this is very similar to what these products do and what companies pay zillions of dollars for. Perhaps I underestimate the work I have done, and it's not the first time 🙂
So I have decided to write down and share my experience as an auditor and IDM architect. I will discuss the governance model and how firms can set up their own model from scratch. I have found it's one of the most challenging topics for IT departments, but it is a gap they constantly face from auditors and regulators.
This is not a Cadillac/Range Rover solution; if you want that, then get your wallet out and get SailPoint/CyberArk. This is a Camry solution based on Microsoft products, and I think there are quite a number of people who are happy with their Camry. There will be 7 blog posts, and I will add the links as they are published over the next few weeks/months. I have never used BHOLD and it is not in my designs for any FIM/MIM governance systems. FYI, BHOLD is deprecated.
- Introduction to Governance
- Analysis and definition of Roles for an organization
- Design an RBAC system for your organization using MIM 2016
- Account identity life cycle management and attestation using MIM 2016
- Account identity entitlement review using MIM 2016
- Monitoring and Trend analysis
- Reporting and improvements