Introduction of the Security Technology
In a company that engages in software development, a reputation for credibility and integrity is critical to ensure that rights and privileges are protected, and needs are addressed. It has to uphold the importance of governance in its operation management systems to uphold its purpose, which is to achieve stakeholder needs, conditions and options that are evaluated to determine balanced, agreed-on enterprise objectives (“Definition: Governance,” 2016). With governance, the company’s management is guided in the right direction through prioritization and decision-making; it is also able to monitor its performance properly not just by complying with agreed-on direction but also meeting set objectives for the company to accomplish.
Review of Features, Capabilities, and Deficiencies of Selected Vendor and Product
Brainwave GRC is one example of a software vendor that does Identity Analytics and Intelligence, with Worldwide presence from America, Europe, North to Africa (Identity Analytics, n. d.). Its thrust in the digital business world is to fight against fraud, data breaches and cyber threats, which are the important needs of the North-by-East Software company.
Brainwave provides solutions to problems that will help strengthen its IT security and compliance through its preventive contextualized risk analysis. It provides technology that manages risk and yet takes into account the company’s applications and data on-premise or in the Cloud. It uses solutions that are written in Java and SQL and uses a standard SQL database server as its repository information.
What is good about Brainwave is that it utilizes a convergence of identity administration and governance capabilities which are supplementary to IGA solutions in identifying analytics and intelligence. Its system provides entitlement ledger, data feed and reconciliation, data analysis, reporting, and Web portal functionality for searching, browsing and reporting purposes. Its solutions also support discovery, mining, and engineering of roles and entitlements, which are part of the service. (“Magic Quadrant,” 2013). Moreover, its identity access management solution is geared towards protecting assets, compliance with regulations, and reporting system for preventive risk management.
Discussion
In support of Cybersecurity Objectives
The Brainwave is utilized to meet the following requirements to support the company’s cybersecurity objectives by reducing risk, increasing resistance to threats/attacks and decreasing possible vulnerabilities:
- Demonstrates compliance with regulations. This is necessary when the organization needs to separate from its parts when it comes to information. This can be observed when only trained personnel have access to the production facility so that the company can mitigate risks and issues when it comes to access to information (“Business Benefits…,” 2016);
- Allows documentation that is not up to the task and many policies to existing in the heads of people but there is a structured approach that discovers, develops, improves and aligns policies hence prevents internal threats;
- Protects assets/ risk management. Since people are the most important asset of a company, the management of relations between the organization and the people’s identities is important. There has to be risk management in giving people access to these assets because if there is no system to control identities and assets, it is possible that the company cannot bear the risks and costs for lack of management (“Business Benefits…,” 2016);
- Ownership of access rights can be reviewed so that owners take responsibility for decisions because they are aware of the approval and review flows assigned to them. Legitimate users of systems and applications are identified, and anomalies are detected (“Business Benefits…,” 2016);
- Business Effectiveness. The product must make business sense and is effective enough to reduce costs regarding using company assets and means, such as software, mobile devices, etc. to install control system (“Business Benefits…,” 2016);
- Increase Productivity. The software product must be able to review and produce access rights that are well-organized to increase productivity and increase operational efficiency (“Business Benefits…,” 2016);
- Costs of provisioning. With Identity Access Management, there has to be full automation in the process of reducing costs of provisions. By offering many optional insights and automated processes, costs are reduced favorably. Thus the company can save costs (“Business Benefits…,” 2016);
- Using assets. Organization staff is considered assets because they have access to information and company assets. It is important therefore that there will be control of the workforce and assets to use to deliver direct cost savings (“Business Benefits…,” 2016);
- It is a necessary foundation for digital business and innovation to existing especially in IT organizations like North-by-East Software company that is faced with security concerns.
On Solving Security Issues
According to Cyril Gollain, Brainwave GRC CEO, his company is in the business of exploring risk-awareness approach to IAM, which takes into consideration “access management policies, consistent application of role-based access, segregation of duties and non-technical issues such as managing confidential information, employee contractual considerations and data protection aspects of information breaches” (“Identity Analytics,” n. d.). These are the areas that the North-by-East Software company needs to find solutions to knowing that it is required to instill discipline in its system when it comes to accessing the right resources at the right time and for the right reasons; it means that the company must be able to access to the resources that enable it to align resources with its business directions, skills and technical expertise not discounting the need to comply with governance compliance requirements. In case of potential breaches or violations of access to data or information and use of assets, Brainwave has a way to manage confidential information to protect aspects of information breaches while extending employee contractual consideration without jeopardizing cybersecurity protocols.
References
Business Benefits of IAM FastTrack Identity Governance and Administration (IGA). (2015). Capgemini. Retrieved from https://www.se.capgemini.com/resource-file-access/resource/pdf/idaas-iga_fasttrack_business_benefits_2.0.pdf
Definition: Governance. (2016). ISACA. Retrieved from http://www.isaca.org/Pages/Glossary.aspx?tid=1443&char=G
Identity Analytics by Brainwave GRC. (n.d.) Brainwave GRC. Retrieved from http://www.brainwavegrc.com/
Identity and Access Management. (2016). Gartner, Inc. Retrieved from http://www.gartner.com/it-glossary/identity-and-access-management-iam/
Identity Management Software. (2013). Trust Radius. Retrieved from https://www.trustradius.com/identity-management?f=25
Magic Quadrant for Identity Governance and Administration. (2013). Gartner, Inc. Retrieved from http://innetworktech.com/wp-content/uploads/2014/01/Magic-Quadrant-for-Identity-Governance-and-Administration.pdf
Special Report: Cybersecurity at the Speed of Digital Business. (2016). Gartner, Inc. Retrieved from https://www.gartner.com/doc/3426427?srcId=1-3931087981
