Modernize identity and access management architectures. We tailor IAM engagements based on practice area, technologies, user constiuencies, target platforms, operational paradigm, or business intiatives.
1-4 weeks
We start with collaborative workshops and process walk-throughs with your subject matter experts and business stakeholders. We use these sessions to learn about your organization, culture, and business drivers, as well as your current state identity architecture, infrastructure, application portfolio, integrations, and administration.
1-4 weeks
We gather observations and document your current state environment. We also document your business, functional, technical, and non-technical requirements.
1-2 weeks
We document strengths and opportunities for improvement using our assessment method and tools. We help you articulate a desired future state, and use that to conduct gap analyses against good practices collected from hundreds of prior engagements.
1-4 weeks
We develop risk-informed recommendations to address every identified gap. Recommendations are influenced by your business drivers, culture, talent, risk posture, risk appetite, risk exposure, current technology investments, current projects, and planned budget.
1-4 weeks
Recommendations typically consist of actions and projects. Actions are one time events, such as hiring talent or acquiring technology. Projects can be time-bound or ongoing efforts, and usually entail process re-engineering and technology implementation. We help you develop charters for every project, organize them into initiatives, and prioritize them on a 3-to-5-year roadmap.
Administration & Governance
• Enterprise Identity
• Consumer Identity
• Privileged Identity
Auditing & Assurance
Credential Management
Permission Management
• Birthrights
• Entitlements
• Privileged Access
Policy Modeling
• Group-based
• Role-based
• Attribute-based
• Policy-based
• Discretionary
Privacy by Design
Access Provisioning & Requests
Authentication (run-time)
Authorization (run-time)
Cloud Services
Directory Services
Directory Integration
Diretory Synchronization & Virtualization
Federation
Identity Data Access & Sharing
Multifactor Authentication
Privileged Access (run-time)
Reduced & Single Sign-on
Service Management