100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CSIA 310: Cybersecurity Processes & Technologies Case Study #2: Technology & Product Review for Identity Governance & Administration $10.49   Add to cart

Case

CSIA 310: Cybersecurity Processes & Technologies Case Study #2: Technology & Product Review for Identity Governance & Administration

 3 views  0 purchase

CSIA 310: Cybersecurity Processes & Technologies Case Study #2: Technology & Product Review for Identity Governance & Administration

Preview 1 out of 3  pages

  • April 16, 2024
  • 3
  • 2023/2024
  • Case
  • Unknown
  • Unknown
All documents for this subject (7)
avatar-seller
Ellisolutions
CSIA 310: Cybersecurity Processes & Technologies
Case Study #2: Technology & Product Review for Identity Governance & Administration
Case Scenario:
For this case study, our focus shifts to technologies and products used to implement the Identity Governance & Administration (IGA) business process and related security controls. IGA is used to manage and mitigate insider threat. Insiders, because of their access to information and information resources (e.g. workstations, servers, networks), potentially have the opportunity and the means by which to steal intellectual property, commit fraud, and perform other types of mischief and mayhem (ranging from pranks to deliberate sabotage).
For our focus firm, Sifers-Grayson, access control and identity management have not been a serious concern ... or so their executives and managers thought. The majority of employees and managers are from the local area where there is a strong sense of community. The founders of the company belong to families who were among the original settlers for the county. They contribute heavily to local charities and youth organizations. They rely upon these connections to family and community when hiring and have a strong tradition of promoting from within.
The problem is that Sifers-Grayson's operations and sales have taken them into the vast geographies of the Internet and cyberspace. There is an emerging awareness among the engineering staff of the potential for outsiders to attack the company through its Internet connections. The thought that an insider might cause trouble for the firm is still hard for them to accept.
The company can no longer afford to depend upon social morays and norms to protect it against the possibility of insider threats. The new contracts specifically require proper labeling of information ("data classification") and require control over access to government furnished information ("GFI"). This means that the company needs to change its culture and change its management processes.
The primary means for protecting against insider threats is to control insider access to information, information systems, and the information infrastructure. The two most basic processes used to protect against insider threat are (a) identity management and (b) access controls. Data classification is also an important protective process since it enables the use of the value or sensitivity of information when determining how and when to grant access. Privilege management is a third protective process, which is used to protect against the misuse of permissive access to software applications and operating system functions. The principle of least privilege is an important control over this permissive access. Finally, separation of duties is a key business process, which is used to prevent insiders from abusing access to information and information resources. Research:
1.Review the weekly readings. 2.Choose an Identity Governance & Administration product which was mentioned in the readings. Research your chosen product using the vendor’s website and product information brochures. Copyright ©2017 by University of Maryland University College. All Rights ReservedThis study source was downloaded by 100000883835319 from CourseHero.com on 04-16-2024 14:51:47 GMT -05:00
https://www.coursehero.com/file/25228356/CSIA-310-Case-Study-2-Identity-Governance-Administration-v2docx/

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Ellisolutions. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $10.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

77254 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$10.49
  • (0)
  Add to cart