Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

access governane

Posted on 2014-04-02
2
279 Views
Last Modified: 2014-04-11
Can anyone recommend any books publications on how to implement best practice access governance and management   across an organasation regardless of what format and where the data is stored
0
Comment
Question by:pma111
2 Comments
 
LVL 26

Accepted Solution

by:
Leon Fester earned 250 total points
ID: 39974451
Access governance and management is best implemented through the introduction of Role Based Access Control (RBAC).

I would refer to the SANS websites for information about governance and best practices.

http://www.sans.edu/research/security-laboratory/article/311
http://www.sans.org/reading-room/whitepapers/bestprac

I found a presentation that might help you see RBAC being introduced into a complex environment.
http://www.id-conf.com/files/kruit_abnamro.pdf

Also have a look at Identity and Access Management article information for better understanding of what's options you have available for governance and access management.
0
 
LVL 63

Assisted Solution

by:btan
btan earned 250 total points
ID: 39974881
I will say delve into identity access management as a whole which covers the full identity lifecycle from its creation, usage, removal and oversight. A good kickstart is the GRC ecosystem which ISACA has established couple of article and publication too. maybe check this out for a start which include references that helps the understanding and planning to implementation an IAM program

http://www.isaca.org/Journal/Past-Issues/2011/Volume-5/Pages/The-Impact-of-Governance-on-Identity-Management-Programs.aspx 

Also we can tap on Gartner as well since they are also watching this space with even recommended reading (need registration)

https://www.gartner.com/doc/1698615/best-practices-identity-access-management

Sometimes, I may also look at MNC in this space actively pushing the practical side to deploy and operationalise the strategy. We should stay practical and map solution to just purely paper talk, and bonus is how it comply with standard and regulation e.g. PCI, SOX, etc

http://www.oracle.com/us/products/middleware/identity-management/061145.pdf
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question