What are some best practices for integrating an AAA framework with existing IT infrastructure (directory services, identity management systems, access control mechanisms)?
Managing Partner in Miscellaneous, a year ago
This is way way harder than it should be. Okta and something like Azure AD seem to be the best overall solution. I would also consider the broader topics around log analytics, anomaly detection, SIEM, end user compute, MDM etc. as a part of any AAA discussions and plans. Too often those are treated separately and not part of a comprehensive solution.

Head of Cyber Security in Manufacturing, a year ago
Know your goal: from on-premise to cloud to physical access, how can identity be baked in so that it's end-to-end seamless? The tighter the integration, the less friction the business faces. (If you've got a YubiKey or smartcard, people can log on within 5-15 seconds; if you've got e-mail + password + MFA, it skyrockets for many people to more than 1 if not 2 minutes, because they need to type way more.)

Don't forget to get started with IGA, where you can hand over due care tasks of access assignment/re-certification to people who have the proper authority; IT/Security is in most cases the wrong place.
In regard to logging, it eases life in case of failures/problems/breaches. In the best case you've got a phishing-resistant authentication mechanism, so the log would be the last resort in case something did go wrong or in case you need to verify a bad insider, lost key fob or similar.