A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Dear Board of Directors, It’s Time to Do the Right Thing and Elevate IAM Breadcrumb Home Insights Blog Dear Board of Directors, It’s Time to Do the Right Thing and Elevate IAM May 17, 2018 Dear Board of Directors, It’s Time to Do the Right Thing and Elevate IAM I talk with IT executives regularly and have noticed a trend across industries that is concerning. While the threat of a data breach looms large on the horizon, IT leaders consistently appear to address the threat with a "wall building" focus. Certainly, protecting resources from unlawful entry is necessary and valuable, but what about the threat from within? According to the Verizon Data Breach Incident Report, 81% of hacking related breaches leveraged stolen and/or weak passwords. Yet, far too many IT leaders ignore the identity problem in favor of building a better "wall." It is time to focus on identity and access management (IAM). Right away, some of you bristled at the mention of IAM and I don't blame you. According to the Ponemon Institute, 74% of organizations believe implementing IAM is too difficult. It feels safer to keep investing in traditional perimeter mitigation strategies, rather than address what could be a significant investment of time and resources for your organization. But, as my good friend Clark Griswold from National Lampoon’s Vacation found, plugging the hoover dam with bubble gum isn't a sound prevention strategy. The reality today is that your organization has been breached. You may or may not know it yet, but make no mistake, those that wish harm to your organization have found ways inside. It may take the form of malware, phishing attacks, denial of service attacks or accidental web exposure. Even more alarming is the insider theft threat. The SailPoint Market Pulse Survey (2016) found that one in five employees would sell their work password! Well managed identity solutions don't remove these realities, but they do offer a mitigation to the exposure and a way to move forward with confidence. So, how do you shift a traditional "wall" focused organization to making a well-managed identity program your primary objective in 2018? Here are three things every IT leader should be discussing with their executives and board right now: Assume your organization has been breached and attackers still have access Adopt a zero-trust model Ensure identities that would allow lateral movement within the organization are secured, including OEM accounts, aged accounts, and privileged accounts with stronger controls Ironically, nearly all organizations that weather a data breach allocate valuable dollars and resources to tightening up their identity processes and tools. The better approach is to make the time and investments now before your customer data, competitive advantage or confidential information is lost. Stay away from the latest shiny object and get back to the basics – access control, user lifecycle and access governance, should be your highest priority. Teddy Roosevelt once said, "In any situation, the best thing you can do is the right thing; the next best thing you can do is the wrong thing; the worst thing you can do is nothing." By: Mitch Powers Senior Security Consultant, Identity and Access Management Mitch Powers is a senior security consultant for Optiv’s identity and access management practice at Optiv. In this role he is focused on addressing identity related security challenges for customers across North America through strategic assessments, deployment planning, and direct customer delivery engagements. Share: identity Zero Trust
Would you like to speak to an advisor? Let's Talk Cybersecurity Provide your contact information and we will follow-up shortly. Let's Browse Cybersecurity Just looking? Explore how Optiv serves its ~6,000 clients. Show me AI Security Solutions Show me the Optiv brochure Take me to Optiv's Events page Browse all Services