Click link for more description
CSIA 310: CYBERSECURITY PROCESSES & TECHNOLOGIES CASE STUDY #3: TECHNOLOGY & PRODUCT REVIEW FOR IDENTITY & PRIVILEGE MANAGEMENT CASE SCENARIO:
CSIA 310: Cybersecurity Processes & TechnologiesCase Study #3: Technology & Product Review for Identity & Privilege ManagementCase Scenario:Your client, a small but growing software development company, needs to tighten up its internalIT security controls. A risk assessment found that the company had very weak controls over the issuanceand management of user ID’s and privileged accounts. The major finding in the risk assessment reportfocused on the potential losses that could result from insiders being able to abuse their access to thecompany’s information systems allowing them to steal and sell the company’s strategic plans andintellectual property. The assessment recommended that the company implement two key controls tomitigate insider threats: least privilege and separation of duties.Given the amount of money that could be at risk, the company’s CEO hired your firm to find andrecommend technologies and products which could be deployed to mitigate the insider threat risks. Thetechnologies under consideration provide one or more of the following capabilities:Identity Managemento Identity & Access Management (IAM)o Identity Governance and Administration ( IGA)Privilege Managemento Privileged Account Management (PAM)o Privileged Identity Management (PIM)You have been asked to review and recommend a product which, at a minimum, will meet theclient’s stated needs (least privilege and separation of duties). Your product review and evaluationshould include additional relevant features and characteristics which could help the client address andmanage risks associated with insider threats as discussed in the risk assessment report (see paragraph#1).