Focus on IAM

Focus on IAM

Commentary of Cybersecurity Evangelist Sascha Martens

Imagine being operated and then this: A hacker attack ensures that all systems in the hospital are paralyzed. No nice idea? That’s why the BSI now demands professional Identity and Access Management (IAM) for KRITIS-relevant areas. What is important here and what is the ideal solution?

It’s been a week since the article in the Security Insider – about how alarmingly password security is still being implemented in hospitals – is not far from realistic hacker attack scenarios. Actually, hospitals, financial institutions, and other so-called critical infrastructures (KRITIS) had time until the end of June to upgrade. Now the BSI is clearly in favor of integrating identity and access management systems to ensure digital security. We’ll explain what you need to look out for!

A central IAM solution cannot be flexible enough! Many providers, especially in the field of IAM, rely on ‘simple’ solutions that are almost 100% configurable via GUI. With such a solution I have to decide: If I ignore a significant proportion of the systems used (e.g. web services), do I connect them directly to my IAM solution (and probably use poorly developed interfaces), or do I add further solutions to the overall architecture? These still have to be connected, but probably work much better as specialists.

One example is Password Safe as a building block in the IAM architecture: A central solution for credential handling does not only secure the immediate effect of considering passwords. A connection can also create added value! Controlled access to accounts and passwords ensures that only certain persons can access this information. These access rights can be viewed, evaluated, and used centrally in the IAM. Automation based on this can also be implemented much more easily if all information is already centrally available. And our biggest concern is no longer IT security when we think of hospitals 😉

Cybersecurity evangelist Sascha Martens is Head of Solutions Architect at MATESO. For the Password Safe Blog he writes regular Tech Diaries, which give an entertaining insight into current topics and events from an IT perspective.

November 6, 2019|

Commentary of Cybersecurity Evangelist Sascha Martens

MATESO Blog

Netwrix Acquires MATESO to Empower Customers with Better Protection of Identities

Data Protection Day 2022 at MATESO

Browser Extensions

Download Password Secure

Mobile Apps

Have you ever shared a password with a colleague without in cryptic form without knowing the password?

Look how we do it in Password Safe

How it works in Password Safe

How often do you change your Passwords?

Do you have an own IT administration that is able to take care of solutions like Password Safe?

How many user licenses would you need?

Who should use Password Safe?

Do you have an AD / LDAP you want to import users from? Do you want to connect several servers?

How big is your company?

Is outsourcing of IT services an option for you?

How many user licences would you need?

How big is the company you work for??

Is outsourcing of IT services an option for you?

How many employees work in your company?

Focus on IAM

Commentary of Cybersecurity Evangelist Sascha Martens

Share this article

MATESO Blog

Netwrix Acquires MATESO to Empower Customers with Better Protection of Identities

Data Protection Day 2022 at MATESO

Browser Extensions

Download Password Secure

Mobile Apps