ISF publishes guide on risk-free Federated Identity & Access Management

According to the report - `Federated Identity and Access Management: Creating a connected world’ – the methodology includes setting out the business case for FIAM and then conducting a planning process, before moving on to the implementation stages.

The report notes that FIAM enables seamless, secure access to multiple external systems, revolutionising the way organizations interconnect with customers and suppliers.

In use, the technology allows businesses to centrally manage employees’ access to multiple external systems, without the need to do this in each external system. Security is increased, costs are reduced, and the user experience is improved, it notes.

Steve Durbin, the ISF’s global vice president, says that FIAM offers great benefits as long it’s implemented in a secure way that doesn’t expose the business to unnecessary risk.

“This new report offers thorough, practical and business-focused advice on getting FIAM right and provides pointers to a range of tools our Members can use to help them implement FIAM successfully”, he explained.

The report says that most businesses will focus on outbound FIAM connections, defined as those where their staff are given access to systems provided by other parties.

“Organizations that provide outsourced or cloud-based applications can gain competitive advantage by developing inbound connections for their customers”, it notes, adding that to succeed, any FIAM project must have the full backing of the business.

IT professionals then need to determine the scope of the FIAM, and then establish a governance framework, before defining a set of technical FIAM standards.

The next stage is to run a FIAM pilot and then integrate the FIAM system into existing IAM systems and general IT processes. From there the report recommends defining an approach for managing relationships with FIAM partners and then creating a process for managing FIAM connections.

An executive summary of the report is available to all comers on the ISF web site and, although the complete report is only available to forum members, the summary has some good pointers for IT security professionals, Infosecurity notes.

ISF publishes guide on risk-free Federated Identity & Access Management

You may also like

Perimeter Security: Evolved, Not Dead

Blocking access to Web 2.0 in workplace not viable

What Is Critical to Your Infrastructure?

WPA Cracked

Leaving a trace

What’s hot on Infosecurity Magazine?

PyPI Revival Hijack Puts Thousands of Applications at Risk

Cisco Warns of Critical Vulnerabilities in Smart Licensing Utility

OnlyFans Hackers Targeted With Infostealer Malware

Researcher Finds Unfixable Yet Tricky to Exploit Flaw in Yubikeys

US Government Set Out to Improve Internet Routing Security

Security Budgets Come Under Pressure as “Hypergrowth” Ends

US Government Set Out to Improve Internet Routing Security

Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers

Active Ransomware Groups Surge by 56% in 2024

Published Vulnerabilities Surge by 43%

Scores of Organizations Hit By Novel Voldemort Malware

TfL Claims Cyber-Incident is Not Impacting Services

Cracking the Culture Code: Building a Cybersecurity-Aware Workforce

Beyond Passwords: Securing the Digital Age with MFA, 2FA, and Passwordless Authentication

Supply Chain Risk and Mitigation in Operational Technology

How to Secure Industrial IP with Data Loss Protection Strategies

How to Navigate the Evolving DDoS Attack Landscape

The Future of Fraud: Defending Against Advanced Account Attacks

Infosecurity Magazine Autumn Online Summit 2024: Day One

Infosecurity Magazine Autumn Online Summit 2024: Day Two

Clark County CIO Shares Insights on Securing AI Innovation and Broadband Initiatives

From Protests to Profit: Why Hacktivists Are Joining the Ransomware Ranks

Iranian Hackers Secretly Aid Ransomware Attacks on US

Post-Compromise Security: What to do When the Hackers Get in