Health Insurance Portability and Accountability Act: Section 164.312 requires implementation of policies and procedures that allow access to protected health information only to those specifically granted access rights. (For more on the HIPAA, see "Feds Reach Out and Touch IT,".)
Patriot Act: Section 326 is the Customer Identification Program, which requires financial services firms operating in the United States to collect, verify and document information that identifies each individual or entity that opens an account. (See "Hanging Launderers Out to Dry,".)
Security Poor planning and implementation add risks. For example, an attacker who compromises one SSO account can access multiple resources at once. To counter this threat, all the IAM products we tested have detailed audit trails and reporting capabilities, and some allow for event triggers, monitoring and alerting.
Cost Savings Over time, an IAM infrastructure should produce tangible and intangible cost savings. For example, most of the systems we tested have some delegated administration and user provisioning, making it easier for managers to set up, tear down and control access to specific resources. In addition, users can reset their own passwords through self-service features in the software. These features should reduce the number of helpdesk calls and lower the overall cost of IT administration. In our reader poll, 31 percent said their companies allow password resets; and some let end users update profile information, such as address and phone number. A 10,000-employee company that automates provisioning for 12 applications will save about $3.5 million over three years, according to Gartner; that's based on 14,000 hours per year for the time IT spends managing user access and 6,600 helpdesk hours cut every year.
Companies that customize their IAM software may realize additional savings by using built-in functions or custom APIs to automate work flow. Finally, SSO and self-service give employees instant satisfaction and make it easy to remember security credentials.
Discover the benefits of scalable backbone and network services for application and cloud providers.
Network automation is gaining momentum. Here's how you can drive this powerful technology to its full potential.
Subsea cable alternatives can provide a level of comfort for those concerned about disruptions. Realistically, they will continue to play a small, but critical role in the short term.
