I am researching identity management solutions. Who in the team should be managing the IDM product?
Its depending on the organization structure. Operational Security generally manages tools while Governance & Policies from Risk or CISO.
It depends on what you mean by “managing”. There’s functional management and technical management.
In our case it's the "Dev/Ops" team situated in the IT Security tribe who’s responsible for the technical maintenance. (We're an agile organization.) Depending on the size it takes a couple of fte to do the maintenance. It's also depending on the amount of the connected target systems. If it's only an AD it requires only one connector to be maintained which doesn’t change a lot. Only when schema’s change or additional attributes need to be collected. Also the amount of users, especially if they are divided in sub-scopes, have an impact on the amount of work. Moreover, if the vendor delivers patches on monthly basis it causes more work. So in a medium or small organization I would already think of 5 fte.
Functional management is different. That involves contract- and issue management with the vendor, submitting usecases/userstories to the tech team and as some kind of liaison managing the user community. That takes at least 2 fte if you want to take it seriously. Our functional management is located at our CISO office.
In my opinion it’s not a one-man-job if you want to take it seriously.
Typically we see IDM products being managed by a system owner in the security team.
Depends on the Level of organizations. There are teams sometimes specifically deployed for the same or it goes to CIO or CSO's also.
Insider data breaches can be a real problem in businesses. One way to address this issue is by implementing an identity and access management solution.
What tips do you have for ensuring that one's identity and access management solution is effective?
Do you have recommendations for the most efficient way to handle the employee identity lifecycle in a secure way? Any suggestions for the best tools to put in place to ease this process?