Keeping Credentials Safe: Worldwide in Real-Time

Keeping Credentials Safe: Worldwide in Real-Time

If you were to gather ten cyber security experts in a room and ask them what the most common threat actor access point is for today’s enterprise, every one of them will likely answer user credentials. Credentials have proven to be the weakest link in the cyber security industry. In fact, Verizon’s 2017 Data Breach Investigations Report (DBIR), demonstrates 81 percent of hacking-related breaches have leveraged stolen and/or weak passwords.



In today’s era of digital transformation – where the number of IP addresses, users, devices and data sets is expanding at a breakneck pace – Identity Access Management (IAM) has been proven essential to strategic and effective security programs. IAM encompasses the people, processes, and technology for creating, managing, authenticating, controlling and removing a user’s permissions. It also defines the processes by which data is accessed through an organization by its employees, contractors, affiliates, partners and customers. IAM is the key to controlling and extending access to organizational and customer resources and data. 


Digital business initiatives focus on improving partner and customer engagement by providing them access to online resources or to enterprise and customer data and services when out in the field. Employees must have rapid access to corporate data and applications to collaborate effectively. Customers must have real-time access to their data and services being provided no matter where they’re located. Continued expansion into the Internet of Things (IoT) and the cloud has extended and blurred the digital perimeter and enterprise attack surfaces. No longer limited to the physical confines of a building, the network edge is wherever users happen to be – in a coffee shop, hotel room, at an accident site or airport – anywhere in the world. 


As the need for worldwide, real-time collaboration continues to grow, enterprises are realizing the importance of having the ability to effectively identify users and grant privileges across a multitude of platforms and technologies, while keeping an eye on extracting the data layer to allow for future technology changes. The answer? A comprehensive and strategic IAM strategy. 


A strategic and holistic approach to IAM encompasses: 


  • Identity data management 
  • Identity management 
  • Access management 
  • Access governance 
  • Privileged access management 
  • Data security and analytics 


Adopting a strategic and holistic approach to IAM allows enterprises to control user permissions and grant access to data appropriately as workloads are migrated to the cloud and mobility continues to dominate the globe.

Janel Schalk
Senior Director, Strategic Consulting and Access Management
Janel Schalk is the senior director of strategic consulting and access management for Optiv’s identity and access management (IAM) practice. In this role she focuses on building client and vendor relationships, providing strategic oversight to engagements, and building excellent teams through people leadership for North America and India based consultants and managers.