The true value of identity and access governance

Read time 2min 00sec
Amanda Hechter, managing consultant at Mobius Consulting.
Amanda Hechter, managing consultant at Mobius Consulting.

Identity and access governance (IAG) has become a core part of any enterprise's cyber security strategy. Robust IAG solutions can enable businesses to increase employee productivity and improve their overall security posture.

However, in order to get the true value from IAG, it needs to happen at a strategic level that is driven from a top-down approach as well as on a day-to-day basis within IT and business operations.

This is according to Amanda Hechter, managing consultant at Mobius Consulting, who will be presenting on 'Taking access management beyond tick-box compliance', at the ITWeb Security Summit 2018, to be held from 21 to 25 May at Vodacom World in Midrand.

Speaking of what businesses are doing wrong when it comes to IAG, she says they are placing too much focus on compliance, and not enough focus on how to gain the true value from IAG.

"Moreover, they are not defining clear IAG strategies, not building IAG operating models with a long-term view of sustaining capabilities, and not fully embedding IAG across the organisation."

To reap the benefits of IAG, Hechter says businesses need to clearly define what IAG means for their organisations and what they intend to gain from it. "They need to work with all key role players involved in IAG, seeing this as an organisation-wide problem and opportunity for improvement."

ITWeb Security Summit 2018

Registration is open for the ITWeb Security Summit 2018 in Johannesburg and Cape Town. Experts from around the world will be presenting, including global security expert Mikko Hypponen, who has been instrumental in uncovering and bringing down several infamous threats, and has assisted law enforcement agencies across the globe. In addition, several other top speakers will be sharing their knowledge, including Intel's Rodrigo Branco who will unpack blinded random block corruption attacks for the audience. Get involved in #SS18HACK and choose from two half-day workshops or a full-day boot camp, plus five training courses, and much more. For the agenda, click here.

To find out more and register for the ITWeb Security Summit 2018, go to:

When implemented correctly, she says IAG offers real information security control for the protection of information. "IAG also has business-enabling capabilities that ensure the right people have the right access, and most importantly in this case, at the right time."

IAG also offers risk-based access management, so that access management become about managing access based on risk and not just managing access to be compliant, she adds.

Delegates attending Hechter's talk will learn how to build a business case for IAG, and how a high level and holistic approach can ensure the success of IAG implementations. They will also learn about the aspects that need to be considered when implementing IAG solutions.

Login with