IDENTITY AND ACCESS

Get in control of identities and admins

One of the most common ways cybercriminals gain access to valuable data is by moving around digitally via identities – identities which have access to too much, and to data and systems they may not even need. 

Therefore, identities and administrator access are the alpha and the omega of IT security – and policies and processes for ‘who gets to do what’ are essential to keeping a tight ship.

Identity Management by CTGlobal

Things to consider

Keeping house: Who gets what?

Policies and processes are key to controlling who – or rather, which accounts – have access to what, in your infrastructure. 

You need to give serious thought to what is ‘nice’ and ‘need’ to have, and how you balance security with convenience.

Start by mapping the basics and continuously revisit requirements:

  • Who has access to what? From which devices? How long? And based on what criteria? 
  • Are policies set up for how often access is renewed/evaluated? 
  • What happens if an employee changes department? Does she still have access to old systems? 
  • Should time limits be placed on access to more sensitive systems? And so on, and so on. 

Identity management is a matter of keeping house with who gets what – and asking oneself: “Why?”

Access rights are the gold

Administrator access is security gold and effectively the key to the kingdom. 

It is often precisely these accesses that criminals try to get their hands on, once they are inside the organization. This has been documented in many of the major hacking cases over the past few years

Too many admins: 

  • Have too many accesses. 
  • Use their regular accounts for everything. 
  • Has privileged rights that are never revoked. 
  • Have more privileged rights than they originally needed. 

That’s why it is incredibly important to keep track of access rights, to have carefully thought out policies and razor-sharp processes – and to comply with them.

Administrators must appreciate their special role and the responsibility that comes with it.

Identity and Access

It is incredibly important to keep track of access rights, to have razor-sharp processes and to comply with them.

For Identity and Access, CTGlobal works with these methods:

  • Mapping – we help you map your users’ actual access rights.
  • Analysis – we advise you on best practices, based on user requirements. 
  • Configuration – we help you set it up, utilizing the technologies correctly.
  • Visualization – we monitor and display current status, ongoing trends and risk patterns.
  • Reporting – we provide you with the documentation you need for compliance and budgeting.
  • Process optimization – we continuously tweak and adjust your processes.

CTGlobal use Microsoft technologies, and for Identity and Access we use Defender and Sentinel.

Read about our Microsoft Security First strategy here

Contact us for a project proposal and pricing: info@ctglobalservices.com