Solved

access governane

Posted on 2014-04-02
2
282 Views
Last Modified: 2014-04-11
Can anyone recommend any books publications on how to implement best practice access governance and management   across an organasation regardless of what format and where the data is stored
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 26

Accepted Solution

by:
Leon Fester earned 250 total points
ID: 39974451
Access governance and management is best implemented through the introduction of Role Based Access Control (RBAC).

I would refer to the SANS websites for information about governance and best practices.

http://www.sans.edu/research/security-laboratory/article/311
http://www.sans.org/reading-room/whitepapers/bestprac

I found a presentation that might help you see RBAC being introduced into a complex environment.
http://www.id-conf.com/files/kruit_abnamro.pdf

Also have a look at Identity and Access Management article information for better understanding of what's options you have available for governance and access management.
0
 
LVL 64

Assisted Solution

by:btan
btan earned 250 total points
ID: 39974881
I will say delve into identity access management as a whole which covers the full identity lifecycle from its creation, usage, removal and oversight. A good kickstart is the GRC ecosystem which ISACA has established couple of article and publication too. maybe check this out for a start which include references that helps the understanding and planning to implementation an IAM program

http://www.isaca.org/Journal/Past-Issues/2011/Volume-5/Pages/The-Impact-of-Governance-on-Identity-Management-Programs.aspx 

Also we can tap on Gartner as well since they are also watching this space with even recommended reading (need registration)

https://www.gartner.com/doc/1698615/best-practices-identity-access-management

Sometimes, I may also look at MNC in this space actively pushing the practical side to deploy and operationalise the strategy. We should stay practical and map solution to just purely paper talk, and bonus is how it comply with standard and regulation e.g. PCI, SOX, etc

http://www.oracle.com/us/products/middleware/identity-management/061145.pdf
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question