Globeteam

Identity & Access Management

Kim Lindberg - Globeteam

For more information, please contact:

security

Identity and Access Management is a complex discipline

Identity and Access Management is a vital security discipline in today’s digital world, especially given how dependent companies now are on technology. However, companies can sometimes struggle to embrace the many opportunities opened up by new technologies without exposing themselves to unnecessary risks. In order to achieve the correct balance, they need to ensure that the right people have simple, secure and controlled access to necessary systems and resources.

Cyber security threats nowadays are many and varied, meaning there are increasing demands on companies to have more control across their facilities and complex system landscapes. This needs to include control over who has access to which data and resources, and why. If a company does not have an accurate overview of its user and access rights, they may not be complying with the relevant rules and regulations and may also risk leaving big gaps in their security.

Globeteam is a consultancy firm that spans the entire range of Identity and Access Management services and has a lot of experience managing IAM projects in both the public and the private sector.

security
Find the right approach to Identity and Access Management

Globeteam has a large Identity and Access Management team, consisting of the country’s leading experts in the area. We organise our services with a specific focus on the individual task that needs to be solved, and we always provide the best qualified resources, depending on where the client is on their journey.

One of our strengths at Globeteam is that our consultancy services within Identity and Access Management cover both physical and logical access control, and we see the benefits of co-thinking and integrating requirements, management, and technology support. We assume a holistic approach where we address the users, processes, and technology to achieve the greatest possible effect. In the same way, our advice, design and implementation services are always based on clear, functional, and security-related requirements and needs.

Read more about Globeteam’s security advisors

security

Strategy, identity and security architecture

At the strategic level, Globeteam helps its clients create management support and then, in turn, anchorage. We can work with you from the idea stage to product decisions; from specification requirements and strategic roadmaps; along to risk assessment and compliance requirements, all of which provide the foundation for solution design, choice, and implementation. At Globeteam, we are particularly aware of the importance of organisational anchorage as a prerequisite for long-term sustainability of the solution.

In addition to the strategic level, Globeteam also helps its clients establish a collective identity and security architecture that is based on and designed in line with current best practices, frameworks, security and compliance standards. These include “Zero Trust”, “ISO-27000”, “NIST”, “GDPR”, “NIS2” and many others.

The more regulated an industry is the more requirements there are to comply with, follow best practice on and also be able to report about. Therefore, Identity and Access Management is not just a technical discipline, but also very much a compliance exercise. An organisation will need a procedure to describe the lifecycle for identities, accesses, approvals, and recertification. There must be controls for logging and possibly monitoring or following up on identities or accesses that need to be managed, as well as an action pattern that must be followed in various scenarios.

Of course, being compliant has many benefits for internal and external audits and authority visits, but it also provides a positive daily effect and added value which in itself demonstrates why it’s worth being in control. Maintaining a level of control means a good situation remains that way. What’s more, keeping things running well means the organisation does not periodically have to engage in expensive projects to “clean up” another messy situation where all parties have lost track and control.

Implementation projects within Identity and Access Management

Identity Governance and administration (IGA)

Identity Governance and Administration basically implements a number of processes for managing the lifecycle of identities in terms of account and access rights allocations. Integrated with the company’s HR system as an authoritative source, these are sometimes known as joiner, mover and leaver processes. There are several possible automations available to companies in this sphere, such as the creation of user accounts in the company’s system landscape and the allocation of Birthrights for the identities; these are a closely aligned set of rights, linked to the identities’ function and location in the company.

Access Management (AM)

Access Management helps the company enforce and verify access policies as well as rules about which level of authentication a given service requires for individual access. In Globeteam’s many such implementations over the years, we have placed a particular focus on striking the right balance for the client between security and user-friendliness.

Cloud Identity

The technological development and dissemination of cloud services in companies has brought about the concept of Cloud Identity. Cloud Identity can mean different things to different people, but at Globeteam we define Cloud Identity as all the identities that exist in a company’s Cloud solutions. Cloud Identity is particularly relevant in the context of Microsoft cloud, primarily Microsoft 365 and Microsoft Azure Active Directory. Globeteam has documented experience and highly certified consultants within Azure and Microsoft 365, and they are ready to help clients get the most out of their Microsoft investments in cloud. A particularly important step in this process is to develop an overall architecture that describes the co-existence of both Azure IAM “Cloud” and a standard Identity Governance & administration tool in the company. Globeteam has experienced specialists within both of these areas.

Privileged account management solutions help the company manage the IT systems’ privileged users, audit & session recording and application passwords. They also play a particularly important role in safeguarding the company’s passwords, often by means of a vault that encrypts and protects them. Globeteam helps its clients to see their identity and access management from a risk perspective. It is important for companies to prioritise their investments so issues are dealt with in the order that brings the most gains and also increases security. Globeteam can advise and develop strategic roadmaps within Identity and Access Management.

SSO Federation

At Globeteam, we have documented experience delivering federation-based IAM solutions that make it possible for users to have the same digital identity and login method (single sign-on) for applications and resources across several domains and networks. Among other things, we work with IAM solutions that are based on Microsoft ADFS, Azure, Okta and Safewhere Identify.

Physical Identity and Access Control (PIAM)

At Globeteam, we have documented experience specifying requirements, designing and implementing physical identity and Access Management at a global scale. Our solution design is based on existing technologies that can be used in this context, seeking out bridge building and integration with the IT department and existing platforms. We find that this helps our clients achieve significant savings, whilst also reducing complexity and ensuring a uniform compliance with security policies and compliance requirements.